|MODULBEAUFTRAGTE:R:||Prof. Dr. Martina Angela Sasse, M. Sc. Yasemin Acar, M. Sc. Konstantin Fischer|
|LECTURER:||Prof. Dr. Martina Angela Sasse|
|FACULTY:||Fakultät für Informatik|
|OFFERED IN:||each winter semester|
lecture with tutorials
The aim of the lecture is to examine the reasons why
1. cryptographic solutions – which experts agree offer good protection against most oft the common attacks today – are not adopted by most individuals and organisations, and
2. end-users, developers and system administrators who do use cryptographic solutions in some form frequently make mistakes that undermine the security protection.
CONTENTIn 1999, Whitten & Tygar’s seminal USENIX paper "Why Johnny Can’t Encrypt" established that people cannot use PGP encryption correctly, even with a graphical user interface and instruction.
Over the past 20 years, there has been a string of Johnny papers on studies trying to encourage adoption or correct usage. The aim of this CASA lecture is to systematically examine the results of these studies and identify effective ways of promoting adoption and enable correct use of cryptography.
- Usability, utility and technology adoption
- Security threat models and people’s mental models
- Complexity or simplicity – who needs to know what?
- Designing frictionless user journeys
- Methods for testing and tweaking
REQUIREMENTS CREDITSPassed examination
RECOMMENDED PRIOR KNOWLEDGELecture "Introduction to Usable Security and Privacy"
MISC INFORMATIONRules for winter semester 2021:
The number of participants is limited to 30. You have time to enroll until Oct 1, 2021, via e-mail to firstname.lastname@example.org. In your email, please include the following:
- that you would like to participate in the course
- the exact name of your study program, your number of semesters in this program so far, and your matriculation number
- which courses with relevance to this lecture you have already attended (e.g. HCS + mobsec lectures, seminars, internships)
If you like, you may also add 1-2 sentences of motivation.