COMP 5900F (Fall 2006): Computer Security and Usability
Last updated: 27 Nov. 2006, 11:00am
Introduction to the design of secure systems that people can use, with emphasis on case studies.
usability of authentication mechanisms,
usability of privacy and anonymity systems,
the effect of system software on a secure user experience,
and usability of software products involving security.
When users bypass security mechanisms that are not usable, the result is no security.
On the other hand, when security mechanisms are severely weakened
in the name of making them more usable, the end result is essentially also no security.
Is it necessarily an either-or choice between computer security and usability?
Or can effective compute security mechanisms be designed, through use of established usability
engineering and human-computer interaction (HCI) principles?
The goal of research in "usable security" is to build systems which are both secure and usable.
This course explores the intersection of usability and computer security.
Essential Course Details
Course Structure and Marking Scheme.
The course will involve a substantial amount of reading, and discussion of this material in class.
We will cover a subset of the 34 papers in the listed text and selected additional papers
from recent conferences.
A mid-term test will cover the material to that point in the term.
The latter part of the term will include students' in-class presentations on either
selected readings, or previewing their final projects.
Written project reports may take the form of either an in-depth literature survey
on a relevant research topic, or a detailed case study (or critique)
on the usability of a particular security software component or system.
Contributions to class discussion of assigned readings will form part of the overall grade.
For assigned reading items (each chapter or paper),
students must hand in at the start of class a reading response (see below).
Attendance is required to be eligible to hand in each response
(thus attendance at all classes is expected). Marking scheme:
Professor P. Van Oorschot
2:30-4:00pm, Monday and Wednesday (2006 classes: Sept.11 to Dec.4)
515 SA (Southam Hall), Carleton University
1:30-2:30pm, Monday and Wednesday, Herzberg 5173. Exceptions: (none so far).
A course in computer security (e.g., COMP 4108 or 5407), or equivalent background
with instructor permission.
Undergraduate understanding of operating systems / computer systems is assumed;
background in HCI is helpful but not essential.
Security and Usability - Designing Secure Systems That People Can Use,
L.F. Cranor and S. Garfinkel (eds.), O'Reilly, 2005.
20% - reading responses, class participation and discussion
30% - mid-term test, in class (Oct.18)
15% - presentation to class (Nov.8 - Nov.29; approx. 25 minutes)
35% - written project report (see below).
Proposal due noon Fri. Oct.6; final report due Mon. Dec.4 in class.
Reading responses. Each reading response must be hard-copy.
For Classes 2 through 6: in at most one page,
include a 2-3 sentence abstract of the reading,
and three facts or results noted therein (1-2 sentences per fact or result).
For Class 7 onward: in at most one page,
include a 2-3 sentence abstract, plus three brief criticisms of the reading
(perceived shortcomings, points you disagree with, or suggestions for improvement).
One-page project proposals are due on or before Friday Oct.6 (noon).
They should outline the proposed project, including academic literature
references you expect to work from, or the relevent software applications.
You are encouraged to discuss your proposal ideas with the instructor.
Topics must be approved, but generally can be in any area of
"computer usability and security", combining both human computer interaction
The final written project report must be in
the format of a conference paper submission (e.g., see USENIX Security or IEEE
Security and Privacy conference calls for papers, and online papers from past years).
Examples of suitable projects include
state-of-the-art research surveys or detailed critiques of recent published research,
"usable security" case study evaluations of popular tools or applications
(e.g., heuristic evaluation and cognitive walkthroughs),
and end-user lab tests (typically requiring university ethics approval).
Policy re: Unethical Behaviour.
Any student submitting work including portions originating from someone else,
without crediting the original source, may be marked as
minus 100% (-100%) on that work item. If the infraction involves copying
from another student, both students may be penalized.
Harsher penalties following from
any standard university policies may be pursued where appropriate.
This should not discourage you from discussing work with classmates;
but be sure to write up submitted work individually.
Special Needs Students.
Students with disabilities requiring academic accommodations
are encouraged to contact a coordinator at the
Paul Menton Centre (PMC) for Students with Disabilities to complete
the necessary lettters of accommodation. After registering with the PMC,
make an appointment to meet and discuss your needs with the instructor
at least two weeks prior to the first in-class test or midterm exam,
to ensure sufficient time for necessary arrangements. The deadline
for submitting completed forms to the PMC for formally scheduled
exam accommodations is typically early November for fall term courses.
Detailed Topics of Study
(to be updated as the term progresses).
Lectures will primarily be drawn from the specified text,
supplemented by research papers and class notes.
Preliminary detailed outline:
Class 1/Sept.11 -
Ch.1: Psychological Acceptability Revisited [Bishop]
Class 2/Sept.13 -
Ch.2: Usable Security [Sasse & Flechais] +
Ch.3: Design for Usability [Tognazzini]
Class 3/Sept.18 -
Ch.6: Evaluating Authentication Mechanisms [Renaud]
Class 4/Sept.20 -
Ch.4: Usability Design and Evaluation for Privacy and Security Solutions
[Karat et al.]
Class 5/Sept.25 -
Ch.34: Why Johnny Can't Encrypt: A Usability Evaluation of PGP 5.0
Class 6/Sept.27 -
A Usability Study and Critique of Two Password Managers
[Chiasson et al.] USENIX Security 2006
Class 7/Oct. 2 -
Ch.14: Fighting Phishing at the User Interface
Class 8/Oct. 4 -
Ch.33: Usability and Privacy - A Study of KaZaA P2P File Sharing
---------/Oct. 9 - statutory holiday
Class 9/Oct. 11 -
Ch.22: Privacy Policies and Privacy Preferences
Class 10/Oct.16 -
Ch.17: Simple Desktop Security with Chameleon
Class 11/Oct.18 -
midterm test (in class)
Class 12/Oct.23 -
Why Phishing Works [Dhamija et al.] CHI'06
Class 13/Oct.25 -
Plug-and-Play PKI: A PKI your Mother can Use
[Gutmann] USENIX Security 2003
Class 14/Oct.30 -
Ch.13: Guidelines and Strategies for Securing Interaction Design
Class 15/Nov.1 -
Ch.29: Users and Trust - A Microsoft Case Study
Class 16/Nov.6 -
Ch.32: Users are Not the Enemy [Adams, Sasse]
Student Presentations (Classes 17-23):
Class 17/Nov.8 - Forget, Chiasson, Crosby. Reading response: choice of
-- Ch.7: The Memorability and Security of Passwords [Yan et al.], or
Authentication Using Graphical Passwords: Effects of Tolerance and Image Choice
[Widenbeck et al.] SOUPS 2005
Class 18/Nov.13 - Kellett, Clark.
Reading response: choice of
-- Ch.26: Anonymity Loves Company - Usability and the Network Effect [Dingledine, Mathewson], or
Passpet: Convenient Password Management and Phishing Protection [Yee, Sitaker] SOUPS 2006
Class 19/Nov.15 - Alsaleh, Essex, Mora. Reading response:
-- Ch.16: Making the Impossible Easy - Usable PKI
[Balfanz et al.]
Class 20/Nov.20 - Zhang, Marchini, Sobey. Reading response:
-- Ch.10: Usable Biometrics [Coventry]
Class 21/Nov.22 - Mannan, Laurendeau, Li.
A Framework for Evaluating the Usability and Utility of PKI-enabled Applications
[Straub, Baier] EuroPKI 2004.
Class 22/Nov.27 - Nikseresht, Garson.
Reading response: choice of
-- Ch.21: Five Pitfalls in the Design for Privacy [Lederer et al.], or
-- Ch.27: ZoneAlarm - Creating Usable Security Products for Consumers [Berson]
Class 23/Nov.29 - Rustom, Mongia.
Graphical Passwords: A Survey [Suo et al.] ACSAC 2005
Class 24/Dec.4 -
The Battle Against Phishing: Dynamic Security Skins
[Dhamija, Tygar] SOUPS 2005.
(Dec.4 reading response optional; but participation in class discussion expected.)
For comments on this page, please mail to:
vanoorschot --at-- scs.carleton.ca