COMP 5900F (Fall 2006): Computer Security and Usability

Last updated: 27 Nov. 2006, 11:00am

Calendar Description. Introduction to the design of secure systems that people can use, with emphasis on case studies. Topics include usability of authentication mechanisms, usability of privacy and anonymity systems, the effect of system software on a secure user experience, and usability of software products involving security.

Motivation. When users bypass security mechanisms that are not usable, the result is no security. On the other hand, when security mechanisms are severely weakened in the name of making them more usable, the end result is essentially also no security. Is it necessarily an either-or choice between computer security and usability? Or can effective computer security mechanisms be designed, through use of established usability engineering and human-computer interaction (HCI) principles? The goal of research in "usable security" is to build systems which are both secure and usable. This course explores the intersection of usability and computer security.

Essential Course Details

Course Structure and Marking Scheme. The course will involve a substantial amount of reading, and discussion of this material in class. We will cover a subset of the 34 papers in the listed text and selected additional papers from recent conferences. A mid-term test will cover the material to that point in the term. The latter part of the term will include students' in-class presentations on either selected readings, or previewing their final projects. Written project reports may take the form of either an in-depth literature survey on a relevant research topic, or a detailed case study (or critique) on the usability of a particular security software component or system. Contributions to class discussion of assigned readings will form part of the overall grade. For assigned reading items (each chapter or paper), students must hand in at the start of class a reading response (see below). Attendance is required to be eligible to hand in each response (thus attendance at all classes is expected).

Marking scheme:
20% - reading responses, class participation and discussion
30% - mid-term test, in class (Oct.18)
15% - presentation to class (Nov.8 - Nov.29; approx. 25 minutes)
35% - written project report (see below). Proposal due noon Fri. Oct.6; final report due Mon. Dec.4 in class.

Reading responses. Each reading response must be hard-copy. For Classes 2 through 6: in at most one page, include a 2-3 sentence abstract of the reading, and three facts or results noted therein (1-2 sentences per fact or result). For Class 7 onward: in at most one page, include a 2-3 sentence abstract, plus three brief criticisms of the reading (perceived shortcomings, points you disagree with, or suggestions for improvement).

Written projects. One-page project proposals are due on or before Friday Oct.6 (noon). They should outline the proposed project, including academic literature references you expect to work from, or the relevant software applications. You are encouraged to discuss your proposal ideas with the instructor. Topics must be approved, but generally can be in any area of "computer usability and security", combining both human-computer interaction and security. The final written project report must be in the format of a conference paper submission (e.g., see USENIX Security or IEEE Security and Privacy conference calls for papers, and online papers from past years). Examples of suitable projects include state-of-the-art research surveys or detailed critiques of recent published research, "usable security" case study evaluations of popular tools or applications (e.g., heuristic evaluation and cognitive walkthroughs), and end-user lab tests (typically requiring university ethics approval).

Policy re: Unethical Behaviour. Any student submitting work including portions originating from someone else, without crediting the original source, may be marked as minus 100% (-100%) on that work item. If the infraction involves copying from another student, both students may be penalized. Harsher penalties following from any standard university policies may be pursued where appropriate. This should not discourage you from discussing work with classmates; but be sure to write up submitted work individually.

Special Needs Students. Students with disabilities requiring academic accommodations are encouraged to contact a coordinator at the Paul Menton Centre (PMC) for Students with Disabilities to complete the necessary letters of accommodation. After registering with the PMC, make an appointment to meet and discuss your needs with the instructor at least two weeks prior to the first in-class test or midterm exam, to ensure sufficient time for necessary arrangements. The deadline for submitting completed forms to the PMC for formally scheduled exam accommodations is typically early November for fall term courses.

Detailed Topics of Study (to be updated as the term progresses). Lectures will primarily be drawn from the specified text, supplemented by research papers and class notes. Preliminary detailed outline:
Class 1/Sept.11 - Ch.1: Psychological Acceptability Revisited [Bishop]
Class 2/Sept.13 - Ch.2: Usable Security [Sasse & Flechais] + Ch.3: Design for Usability [Tognazzini]
Class 3/Sept.18 - Ch.6: Evaluating Authentication Mechanisms [Renaud]
Class 4/Sept.20 - Ch.4: Usability Design and Evaluation for Privacy and Security Solutions [Karat et al.]
Class 5/Sept.25 - Ch.34: Why Johnny Can't Encrypt: A Usability Evaluation of PGP 5.0 [Whitten, Tygar]
Class 6/Sept.27 - A Usability Study and Critique of Two Password Managers [Chiasson et al.] USENIX Security 2006
Class 7/Oct. 2 - Ch.14: Fighting Phishing at the User Interface [Miller, Wu]
Class 8/Oct. 4 - Ch.33: Usability and Privacy - A Study of KaZaA P2P File Sharing [Good, Krekelberg]
---------/Oct. 9 - statutory holiday
Class 9/Oct. 11 - Ch.22: Privacy Policies and Privacy Preferences [Cranor]
Class 10/Oct.16 - Ch.17: Simple Desktop Security with Chameleon [Long, Moskowitz]
Class 11/Oct.18 - midterm test (in class)
Class 12/Oct.23 - Why Phishing Works [Dhamija et al.] CHI'06
Class 13/Oct.25 - Plug-and-Play PKI: A PKI your Mother can Use [Gutmann] USENIX Security 2003
Class 14/Oct.30 - Ch.13: Guidelines and Strategies for Securing Interaction Design [Yee]
Class 15/Nov.1 - Ch.29: Users and Trust - A Microsoft Case Study [Nodder]
Class 16/Nov.6 - Ch.32: Users are Not the Enemy [Adams, Sasse]
Student Presentations (Classes 17-23):
Class 17/Nov.8 - Forget, Chiasson, Crosby. Reading response: choice of
-- Ch.7: The Memorability and Security of Passwords [Yan et al.], or
-- Authentication Using Graphical Passwords: Effects of Tolerance and Image Choice [Wiedenbeck et al.] SOUPS 2005
Class 18/Nov.13 - Kellett, Clark. Reading response: choice of
-- Ch.26: Anonymity Loves Company - Usability and the Network Effect [Dingledine, Mathewson], or
-- Passpet: Convenient Password Management and Phishing Protection [Yee, Sitaker] SOUPS 2006
Class 19/Nov.15 - Alsaleh, Essex, Mora. Reading response:
-- Ch.16: Making the Impossible Easy - Usable PKI [Balfanz et al.]
Class 20/Nov.20 - Zhang, Marchini, Sobey. Reading response:
-- Ch.10: Usable Biometrics [Coventry]
Class 21/Nov.22 - Mannan, Laurendeau, Li. Reading response:
-- A Framework for Evaluating the Usability and Utility of PKI-enabled Applications [Straub, Baier] EuroPKI 2004.
Class 22/Nov.27 - Nikseresht, Garson. Reading response: choice of
-- Ch.21: Five Pitfalls in the Design for Privacy [Lederer et al.], or
-- Ch.27: ZoneAlarm - Creating Usable Security Products for Consumers [Berson]
Class 23/Nov.29 - Rustom, Mongia. Reading response:
-- Graphical Passwords: A Survey [Suo et al.] ACSAC 2005
Class 24/Dec.4 - The Battle Against Phishing: Dynamic Security Skins [Dhamija, Tygar] SOUPS 2005.
(Dec.4 reading response optional; but participation in class discussion expected.)

For comments on this page, please mail to: vanoorschot --at-- scs.carleton.ca