Undergraduate Course: Usable Security and Privacy (INFR11158)
Course Outline
| School | School of Informatics |
College | College of Science and Engineering |
| Credit level (Normal year taken) | SCQF Level 11 (Year 4 Undergraduate) |
Availability | Available to all students |
| SCQF Credits | 10 |
ECTS Credits | 5 |
| Summary | *This course will not be taught in 2020-21. Students given permission last year to sit this year's exam may register exam-only.*
Humans are a vital component of secure and private systems, they are also one of the most expensive components and the most challenging to reason about. In this course, students will learn about how to create systems that are usable while still fulfilling their primary security or privacy mission. Students will also learn about research topics such as designing user studies to critically evaluate interfaces and reading academic papers to create an academically-informed view of the topic. |
| Course description |
- Introduction: History and overview of the Usable Security and Privacy research area.
- Study design: Security and privacy activities tend to be secondary tasks. Students will learn how to design and analyze usability studies that are common in security and privacy such as targeting secondary tasks or ethically using some deception.
- Privacy: Basic overview of the definitions of privacy as well as some of the legal and social aspects of it. Analysis of common privacy issues and how they are expressed through user interaction with systems.
- Security: Overview of common security technologies and how they are impacted by usability. In- depth look at select topics such as password construction and management.
- Ethics: Discussion of ethics, particularly around research in topics in security and privacy where participants can be particularly vulnerable.
|
Entry Requirements (not applicable to Visiting Students)
| Pre-requisites |
|
Co-requisites | |
| Prohibited Combinations | |
Other requirements | For workload reasons, the course has pre-requisites of either a Human-Computer Interaction Course OR a Computer Security course. It is also acceptable to take the required courses as co-requisites. It is also acceptable to have taken the courses at another University.
Students are advised to consult the course website to make certain that their prior courses have covered the necessary material. A general familiarity with computer science and programming are recommended. |
Information for Visiting Students
| Pre-requisites | For workload reasons, the course has pre-requisites of either a Human-Computer Interaction Course OR a Computer Security course. It is also acceptable to take the required courses as co-requisites. It is also acceptable to have taken the courses at another University.
Students are advised to consult the course website to make certain that their prior courses have covered the necessary material. A general familiarity with computer science and programming are recommended. |
| High Demand Course? |
Yes |
Course Delivery Information
|
| Academic year 2020/21, Available to all students (SV1)
|
Quota: 2 |
| Course Start |
Semester 1 |
Timetable |
Timetable |
| Learning and Teaching activities (Further Info) |
Total Hours:
100
(
Lecture Hours 18,
Seminar/Tutorial Hours 3,
Feedback/Feedforward Hours 2,
Summative Assessment Hours 20,
Programme Level Learning and Teaching Hours 2,
Directed Learning and Independent Learning Hours
55 )
|
| Assessment (Further Info) |
Written Exam
80 %,
Coursework
20 %,
Practical Exam
0 %
|
| Additional Information (Assessment) |
Written Examination 80%
Practical Examination 0%
Coursework 20%
|
| Feedback |
Course feedback will be solicited mid-semester using paper forms. Feedback response will be given in lecture. |
| Exam Information |
| Exam Diet |
Paper Name |
Hours & Minutes |
|
| Main Exam Diet S2 (April/May) | | 2:00 | |
Learning Outcomes
On completion of this course, the student will be able to:
- Basic understanding of key topics in Security, Privacy, and Human-Computer Interaction.
- Be able to identify privacy and security concerns in different contexts.
- Critically evaluate the literature to develop an academically-informed view of proposed security and privacy solutions from a human factors perspective.
- Design studies to rigorously evaluate the usability of a security or privacy tool.
- Apply techniques and design approaches to security and privacy problems to create usable solutions.
|
Reading List
Required readings will be primarily from open access papers listed on the course website.
The below readings [1] and [2] are textbooks which summarize key research papers in the area and are therefore highly recommended. [3] and [4] are the textbooks for Computer Security and HCI respectfully and are recommended for students who need more background in those subjects.
1. Usable Security: History, Themes, and Challenges by Simson Garfinkel and Heather Richter Lipford
2. Security and Usability: Designing Secure Systems that People Can Use by Lorrie Cranor and Simson Garfinkel
3. Introduction to Computer Security Goodrich et al.
4. Human-Computer Interaction by Dix, Finlay, Abowd and Reale |
Additional Information
| Graduate Attributes and Skills |
- Be able to identify and handle situations involving potential breaches of privacy and ethics.
- Develop skills reading research papers and critically analyzing their study methodologies.
- Be able to identify and handle situations involving potential breaches of privacy and ethics.
- Develop skills reading research papers and critically analyzing their study methodologies. |
| Keywords | Human-Computer Interaction,Cyber Security,Privacy,Human Factors of Privacy and Security,USec |
Contacts
| Course organiser | Dr Kami Vaniea
Tel: (0131 6)50 2870
Email: kvaniea@inf.ed.ac.uk |
Course secretary | Miss Clara Fraser
Tel: (0131 6)51 4164
Email: clara.fraser@ed.ac.uk |
|
|
University Homepage