PicGroup

IT security has become relevant for a wide range of users and organizations, and a wide range of cryptographic primitives, protocols, and tools have been invented and rolled out. However, even systems that are secure from a technological standpoint can fail to provide the intended security when used incorrectly. Reasons include a mismatch between the user’s capabilities and the system’s requirements (e.g., memorability requirements for password-based authentication), software interfaces ill-adapted for users (e.g., certificate warnings with high false-positive rates), user's perceptions of systems not matching reality (e.g., misconceptions about public-key cryptography), and more. It is necessary to bridge this gap and make software for IT Security usable in order to bring effective security to everybody.

The main focus of our research lies in the broader field of Usable Security and Privacy, located at the intersection of IT Security and Human Factors. Specific goals of our research include, for example:

  • understand how users interact with security software,
  • understand how the security and privacy of security software is perceived, and
  • adapt security technologies to be better aligned with user's capabilities and requirements
  • invent new schemes that offer better security and usability for users.

Our group is part of the Horst Goertz Institute for IT Security (HGI), part of the Cluster of Excellence CaSa, and involved in the graduate schools SecHuman and NERD.

News

Privacy Enhancing Technologies Symposium 2021 (PETS '21)

05.07.2021 - Theodor Schnitzler

Our group has a paper accepted at the Privacy Enhancing Technologies Symposium 2021 (PETS '21). This publication is joint work with colleagues from New York University:

USENIX Security Symposium 2021 (SSYM '21)

23.06.2021 - Florian Farke

Our group has two accepted papers at the USENIX Security Symposium 2021 (SSYM '20). The two publications are joint work with colleagues from The George Washington University, the University of Chicago, and the Max Planck Institute for Security and Privacy:

Usenix Symposium on Usable Privacy and Security 2021 (SOUPS '21)

22.06.2021 - Philipp Markert

Our group has two papers accepted at the Usenix Symposium on Usable Privacy and Security 2021 (SOUPS '21). The two publications are joint work with colleagues from The George Washington University and the United States Navy:

Teaching summer term 2021

02.04.2021 - Markus Duermuth

This summer term we offer three lectures and a seminar. Due to the pandemic, all teaching activities take place online, details can be found via the links below.

The Bachelor-Lecture Introduction to Usable Security and Privacy is offered jointly with Prof. Angela Sasse. The Master-Lecture Usable Security and Privacy is likely offered for the last time this semester; it is replaced by the above Bachelor Course.

The lecture IT-Si­cher­heit für Geis­tes- und Ge­sell­schafts­wis­sen­schaf­ten is offered jointly with Dr. Sven Schaege for a non-technical audience, for example in the "Optionalbereich", and also as a PhD course for the SecHuman Graduate School.

Our Seminar is open for both Bachelor and Master Students: Bachelor-Se­mi­nar Usable Se­cu­ri­ty and Pri­va­cy Research and Mas­ter-Se­mi­nar Usable Se­cu­ri­ty and Pri­va­cy Research

Privacy Perceptions and Acceptance of Corona Apps

30.06.2020 - Theodor Schnitzler

We provide first results of our study exploring privacy perceptions and acceptance of Corona Apps in Germany. We explore how different factors affect users' willingness to use for different types of apps. Read the preprint (in German only) here .

> zum Nachrichtenarchiv