Jan 10 2011
Usable Security
Usable security is a new research area combining human-computer interaction (HCI) and computer security. It aims to design “secure systems that people can use” and recognizes that even the most secure system will fail if it is used incorrectly or bypassed by users. It is especially important to consider user interaction when designing a security system because an unusable system can lead to “dangerous errors”, i.e. errors that may have negative consequences with respect to security.

Our work has focused on user authentication. In particular, we have conducted studies on password managers and graphical password systems, using in-lab experiments, interviews, and larger field studies. We are also investigating some of the broader issues related to usable security, namely users’ mental models of security and how these impact usability, the role of persuasion in security interfaces, and the nature of identity theft. We are also exploring how computer game design might inform usable security, so there is cross-over with our games and hypermedia research.

Honours: The award for best paper at SOUPS 2007 (the ACM Symposium on Usable Privacy and Security) went to our paper “A Second Look at the Usability of Click-based Graphical Passwords”.
Faculty
- Dr. Robert Biddle, Professor in Computer Science and Cognitive Science
- Dr. Sonia Chiasson, Professor in Computer Science
- Dr. Paul van Oorschot, Professor in Computer Science
- Dr. Andrew Patrick, Adjunct Research Professor in Computer Science
Current Graduate Students
- Daniel LeBlanc, Ph.D. Candidate in Psychology
- Wahida Chowdhury, Ph.D. Candidate in Cognitive Science
Also see our Publications