log in  |  register  |  feedback?  |  help  |  web accessibility
Revisiting what it means to be usable: Usable security beyond end users
Michelle Mazurek
IRB 0318 or Zoom: https://umd.zoom.us/j/92721031800?pwd=dGhidU13dzl0cmI2eUM4SzJLNTZrZz09
Friday, November 10, 2023, 11:00-11:55 am
  • You are subscribed to this talk through .
  • You are watching this talk through .
  • You are subscribed to this talk. (unsubscribe, watch)
  • You are watching this talk. (unwatch, subscribe)
  • You are not subscribed to this talk. (watch, subscribe)
Abstract
The usable security community has made significant progress in making security and privacy tools, notifications, and warnings more legible for end users. However, many security and privacy problems remain out of the hands of end users, or -- even when simplified -- require more knowledge and effort than is reasonable to expect. As such, the next important challenge in usable security is to go beyond end users and explore how to make security and privacy more usable for professionals: software developers and security operations personnel, but also professionals who can influence end users at larger scale. In this talk, I will discuss three studies relevant to this goal: a study of the benefits and challenges of adopting secure programming languages, with Rust as a case study; a study evaluating the usefulness of security operations playbooks for incident response; and a study of whether and how product reviewers can help end users make more informed security and privacy decisions.

 

Bio
Michelle Mazurek is an Associate Professor in the Computer Science Department and the Institute for Advanced Computer Studies at the University of Maryland, College Park, where she also directs the Maryland Cybersecurity Center. Her research aims to understand and improve the human elements of security- and privacy-related decision making. Recent projects include examining how and why developers make security and privacy mistakes; examining how security and privacy information is distributed via YouTube influencers; and analyzing how users learn about and decide whether to adopt security advice. She was Program Chair for the Symposium on Usable Privacy and Security (SOUPS) 2019-2020 as well as the Privacy Enhancing Technologies Symposium (PETS) 2022-2023. She has received a number of awards, including the NSF CAREER award, DARPA Young Faculty Award, the NSA's Best Scientific Cybersecurity Paper award, and several distinguished paper awards. Dr. Mazurek received her PhD in Electrical and Computer Engineering from Carnegie Mellon University in 2014.

 

This talk is organized by Samuel Malede Zewdu