Institut für Informatik | Sitemap | LMU-Portal
English
  • Startseite
  • Studieninteressierte
  • Studierende
  • Lehrveranstaltungen
    • Archiv
    • SS 2024
      • CAI
      • CC
      • CG1
      • DS
      • DW2
      • EVM
      • HCA
      • HS
      • MMI1
      • MMP
      • MT
      • PAR
      • PGD
      • PIIS
      • PKMM
      • PML
      • PS
      • PSK
      • PSYA1
      • PSYG2
      • PVRU
      • STUDY
      • SWH
      • SWH-NEBENFACH
      • USEC
      • USER-STUDY
      • UX2
      • UX3
      • WAL
  • Forschung
  • Personen
  • Kontakt
  • Besucher
  • Jobs
  • FAQ
  • Intern
USEC in anderen Semestern:
SS25 SS24 SS23 SS22 SS21 SS20
Startseite > Lehrveranstaltungen > SS 2024 > USEC

Practical Course Usable Security

Lecturer: Prof. Alt
Persons in Charge: Oliver Hein
Hours per week: 4
ECTS credits: 6 (MSc)
Module: Master P3 / P 5: Gruppenpraktikum zu fortgeschrittenen Themen der Informatik I oder Informatik II (MA MI PStO 2022 (Start WiSe)) / (MA MI PStO 2022 (Start SoSe))
After consultation with the examination board, credit for WP 1-3, WP 7,9, WP 19 (advanced topics for Master) also possible

Two topics are available for this course. Interested students may express their interest through this Survey.

Note that the first topic will be conducted as a block course, while the second topic will run over the course of the term.

Topic 1: A Platform to Support Self-Commitment for Secure Behavior

Description

Today, there exists a solid understanding of which habits protect users from the threats of cyber space (for example, not reusing passwords across accounts, verifying senders and examining links in email). Furthermore, many security tools and technologies exist that are designed to support people in behaving securely: examples include but are not limited to password managers, tools for email encryption, or VPNs. At the same time, users struggle to adopt secure behavior and use available tools.

A potential solution to this is providing users means to self-commit to such behavior. This approach has been demonstrated to be highly effective in other domains, such as exercising more or eating healthily. The objective of this course is to develop a platform that supports such self-commitment. Features of such a platform may include an explanation of secure behavior, the possibility to "sign a self-commitment contract", means to feedback reasons for failing to adhere to this contract, and means to remind users in-situ about security behavior.

The specific use case this course will focus on is the use of a password manager. Questions that are going to be tackled are: How can the use of a password manager be motivated and its advantages be communicated? How can users' misconceptions and struggles with adoption be addressed? How can users be reminded about the use of a password manager in-situ (e.g., by means of a browser-plugin or smartphone app)?

Time and Location

  • Project Period: April 22 - May 3 (daily 10am - 4pm, longer if needed)
  • Kick-Off: Monday April 22, 2pm
  • Location: CODE Research Institute for Cyber Defense, Carl-Wery-Straße 18, Raum 0812

Topic 2: Drone-based Security and Privacy Interfaces

Description

The objective of this course is to learn how systems can be designed for different contexts that are secure, privacy-preserving and usable at the same time. This year, the course will evolve around image processing, object detection and drone interaction.

The course consists of two parts: in a theoretical part, participants will be introduced to different topics of usable security and privacy, including an overview of security and privacy mechanisms, threat modeling, and mental models. Furthermore, this part will cover different application area, such as passwords, authentication, security warnings, and social engineering.

The practical part will then focus on user-centered design techniques that allow for creating novel privacy and security mechanisms. In small groups, participants will initially create concepts for novel mechanisms. In the following, participants will then build prototypes and evaluate these in user studies regarding security and usability.

Time and Location

  • Time: Tuesday 2pm (s.t.) - 4:15pm
  • Kick-Off: Tuesday 16.04.2024
  • Location: CODE Research Institute for Cyber Defense, Carl-Wery-Straße 18, Room 0812

Schedule (tentative)

Date Task Deliverables
16.04.2024 Introduction & Research Examples
30.04.2024 Individual Concept Pitches (60 seconds) Video Recording of Pitch
07.05.2024 Concept Presentations (in Teams) Slides, Timeline
04.06.2024 Intermediate Presentations Slides
02.07.2024 Final Presentations Poster, Demonstrator
30.07.2024 Written Report

Application

Students interested in the course can apply via Moodle.

In your application please provide the following information:

  • Indicate a topic preference
  • For topic 1: Rate (1=no experience, 5=expert) and briefly describe any relevant expertise in the following areas (e.g., from other courses, theses, or projects): web development, Android programming, security/privacy, concept development, evaluation
  • For topic 2: Rate (1=no experience, 5=expert) and briefly describe any relevant expertise in the following areas (e.g., from other courses, theses, or projects): hardware prototyping, python programming, image processing, object detection, security/privacy, concept development, evaluation
  • Optionally: Provide a short paragraph (max. 150 words) describing your motivation to participate in this course.

Course Material

This is a joint course with the Research Institute CODE of UniBW Munich. Students will get access to the University's learning platform where all relevant course materials will be provided.

Nach oben
Impressum – Datenschutz – Kontakt  |  Letzte Änderung am 19.04.2024 von Jennifer Meiler (rev 43474)