WATCH: Security, Privacy, and Usability: Better Together
April 19, 2012 12:00 PM
April 19, 2012 1:00 PM
NSF, Room 110
Usable privacy and security research aims to consider security, privacy, and usability goals together in order to develop solutions in which these goals are not in conflict with each other. In this talk I will highlight some of our projects that illuminate the insights that can be gained through consideration of human behavior together with security and privacy. First, I will discuss our work exploring the usability of tools designed to help users control online behavioral advertising. Our empirical user studies are helping to inform the public policy debate about privacy regulation. Next I will discuss our work on usability and access control. We have explored the access-control needs of non-expert computer users and developed and tested approaches to make access control policy management more natural. We have also explored the ways that underlying access-control system models interact with user interface components and demonstrated that even seemingly small changes to a system's semantics can fundamentally affect the system's usability. Finally, I will discuss our research on the usability and security of text passwords. In a series of online studies, we have asked over 34,000 users to create passwords and return to our website several days later and try to recall their passwords. These studies allow us to compare password policies, for example, requiring long passwords or requiring passwords to include uppercase and lowercase letters, digits, and symbols. By examining usability and security properties together, we have identified several common misconceptions about the impact of password composition policies on user behavior. Throughout this talk I will argue that examining security/privacy and usability together is often critical for achieving either.
Lorrie Faith Cranor is an Associate Professor of Computer Science and of Engineering and Public Policy at Carnegie Mellon University where she is director of the CyLab Usable Privacy and Security Laboratory (CUPS). She is also a co-founder of Wombat Security Technologies, Inc. She has played a key role in building the usable privacy and security research community, having co-edited the seminal book Security and Usability (O'Reilly 2005) and founded the Symposium On Usable Privacy and Security (SOUPS). She also chaired the Platform for Privacy Preferences Project (P3P) Specification Working Group at the W3C and authored the book Web Privacy with P3P (O'Reilly 2002).
To Join the Webinar:
The Webinar will be held from 12:00-1:00pm EST on April 19, 2012 in Room 110.
To attend virtually, please register by April 18, 23:59 PDT at: https://mmancusa.webex.com/mmancusa/j.php?ED=180788387&RG=1&UID=0&RT=MiMxMQ%3D%3D
After your registration is accepted, you will get an email with a URL to join the meeting. Please be sure to join a few minutes before the start of the webinar. This system does not establish a voice connection on your computer; instead, your acceptance message will have a toll-free phone number that you will be prompted to call after joining. Please note that this registration is a manual process; therefore, do not expect an immediate acceptance. In the event the number of requests exceeds the capacity, some requests may have to be denied.
This event is part of Webinars/Webcasts.
Keith Marzullo, (703) 292-8950 firstname.lastname@example.org
NSF Related Organizations
Directorate for Computer & Information Science & Engineering
Flyer for Lorrie Cranor