1. »
  2. Mobile Security

Mobile Security

IT se­cu­ri­ty has be­co­me re­le­vant for a wide range of users and or­ga­niza­t­i­ons, and a wide range of cryp­to­gra­phic pri­mi­ti­ves, pro­to­cols, and tools have been in­ven­ted and rol­led out. Howe­ver, even sys­tems that are se­cu­re from a tech­no­lo­gi­cal stand­point can fail to pro­vi­de the in­ten­ded se­cu­ri­ty when used in­cor­rect­ly. Re­a­sons in­clu­de a mis­match bet­ween the user’s ca­pa­bi­li­ties and the sys­tem’s re­qui­re­ments (e.g., me­mo­ra­bi­li­ty re­qui­re­ments for pass­word-ba­sed au­then­ti­ca­ti­on), soft­ware in­ter­faces ill-ad­ap­ted for users (e.g., cer­ti­fi­ca­te warnings with high fal­se-po­si­ti­ve rates), user’s per­cep­ti­ons of sys­tems not matching rea­li­ty (e.g., mis­con­cep­ti­ons about pu­blic-key cryp­to­gra­phy), and more. It is ne­cessa­ry to bridge this gap and make soft­ware for IT Se­cu­ri­ty usa­ble in order to bring ef­fec­tive se­cu­ri­ty to ever­y­bo­dy.

The main focus of our re­se­arch lies in the broa­der field of Usa­ble Se­cu­ri­ty and Pri­va­cy, lo­ca­ted at the in­ter­sec­tion of IT Se­cu­ri­ty and Human Fac­tors. Spe­ci­fic goals of our re­se­arch in­clu­de, for ex­amp­le:

  • un­der­stand how users in­ter­act with se­cu­ri­ty soft­ware,
  • un­der­stand how the se­cu­ri­ty and pri­va­cy of se­cu­ri­ty soft­ware is per­cei­ved, and
  • adapt se­cu­ri­ty tech­no­lo­gies to be bet­ter ali­gned with user’s ca­pa­bi­li­ties and re­qui­re­ments
  • in­vent new sche­mes that offer bet­ter se­cu­ri­ty and usa­bi­li­ty for users.

Our group is part of the Horst Go­ertz In­sti­tu­te for IT Se­cu­ri­ty (HGI), part of the Clus­ter of Ex­cel­lence CaSa, and in­vol­ved in the gra­dua­te schools SecHu­man and NERD.

News

Pri­va­cy En­han­cing Tech­no­lo­gies Sym­po­si­um 2021 (PETS ’21)

05.​07.​2021 – Theo­dor Schnitz­ler

Our group has a paper ac­cep­ted at the Pri­va­cy En­han­cing Tech­no­lo­gies Sym­po­si­um 2021 (PETS ’21). This pu­bli­ca­ti­on is joint work with col­le­agues from New York Uni­ver­si­ty:

 

USE­NIX Se­cu­ri­ty Sym­po­si­um 2021 (SSYM ’21)

23.​06.​2021 – Flo­ri­an Farke

Our group has two ac­cep­ted pa­pers at the USE­NIX Se­cu­ri­ty Sym­po­si­um 2021 (SSYM ’20). The two pu­bli­ca­ti­ons are joint work with col­le­agues from The Ge­or­ge Wa­shing­ton Uni­ver­si­ty, the Uni­ver­si­ty of Chi­ca­go, and the Max Planck In­sti­tu­te for Se­cu­ri­ty and Pri­va­cy:

 

Use­nix Sym­po­si­um on Usa­ble Pri­va­cy and Se­cu­ri­ty 2021 (SOUPS ’21)

22.​06.​2021 – Phil­ipp Mar­kert

Our group has two pa­pers ac­cep­ted at the Use­nix Sym­po­si­um on Usa­ble Pri­va­cy and Se­cu­ri­ty 2021 (SOUPS ’21). The two pu­bli­ca­ti­ons are joint work with col­le­agues from The Ge­or­ge Wa­shing­ton Uni­ver­si­ty and the United Sta­tes Navy:

 

Teaching sum­mer term 2021

02.​04.​2021 – Mar­kus Du­er­muth

This sum­mer term we offer three lec­tu­res and a se­mi­nar. Due to the pan­de­mic, all teaching ac­tivi­ties take place on­line, de­tails can be found via the links below.

The Ba­che­lor-Lec­tu­re In­tro­duc­tion to Usa­ble Se­cu­ri­ty and Pri­va­cy is of­fe­red joint­ly with Prof. An­ge­la Sasse. The Mas­ter-Lec­tu­re Usa­ble Se­cu­ri­ty and Pri­va­cy is li­kely of­fe­red for the last time this se­mes­ter; it is re­pla­ced by the above Ba­che­lor Cour­se.

The lec­tu­re IT-Si­cher­heit für Geis­tes- und Ge­sell­schafts­wis­sen­schaf­ten is of­fe­red joint­ly with Dr. Sven Scha­e­ge for a non-tech­ni­cal au­di­ence, for ex­amp­le in the „Op­tio­nal­be­reich“, and also as a PhD cour­se for the SecHu­man Gra­dua­te School.

Our Se­mi­nar is open for both Ba­che­lor and Mas­ter Stu­dents: Bachelor-Se­mi­nar Usa­ble Se­cu­ri­ty and Pri­va­cy Re­se­arch and Mas­ter-Se­mi­nar Usa­ble Se­cu­ri­ty and Pri­va­cy Re­se­arch

 

Pri­va­cy Per­cep­ti­ons and Ac­cep­tan­ce of Coro­na Apps

30.​06.​2020 – Theo­dor Schnitz­ler

We pro­vi­de first re­sults of our study ex­plo­ring pri­va­cy per­cep­ti­ons and ac­cep­tan­ce of Coro­na Apps in Ger­ma­ny. We ex­plo­re how dif­fe­rent fac­tors af­fect users‘ wil­ling­ness to use for dif­fe­rent types of apps. Read the pre­print (in Ger­man only) here .

> zum Nach­rich­ten­ar­chiv