THE UNIVERSITY of EDINBURGH

DEGREE REGULATIONS & PROGRAMMES OF STUDY 2019/2020

University Homepage
DRPS Homepage
DRPS Search
DRPS Contact
DRPS : Course Catalogue : School of Informatics : Informatics

Undergraduate Course: Usable Security and Privacy (INFR11158)

Course Outline
SchoolSchool of Informatics CollegeCollege of Science and Engineering
Credit level (Normal year taken)SCQF Level 11 (Year 4 Undergraduate) AvailabilityAvailable to all students
SCQF Credits10 ECTS Credits5
SummaryHumans are a vital component of secure and private systems, they are also one of the most expensive components and the most challenging to reason about. In this course, students will learn about how to create systems that are usable while still fulfilling their primary security or privacy mission. Students will also learn about research topics such as designing user studies to critically evaluate interfaces and reading academic papers to create an academically-informed view of the topic.
Course description - Introduction: History and overview of the Usable Security and Privacy research area including the transition from blaming users to treating them as valued components of a secure system.
- Study design: Security and privacy activities tend to be secondary tasks. The student will learn how to design and analyze usability studies that are common in security and privacy such as targeting secondary tasks or using some deception.
- Privacy: Basic overview of the definitions of privacy as well as some of the legal and social aspects of it. Analysis of common privacy issues and how they are expressed through user interaction with systems.
- Security: Overview of common security technologies and how they are impacted by usability. In- depth look at select topics such as password construction and management.
- Ethics: Discussion of ethics, particularly around research in topics in security and privacy where participants can be particularly vulnerable.
Entry Requirements (not applicable to Visiting Students)
Pre-requisites Students MUST have passed: Human-Computer Interaction (Level 11) (INFR11017) OR Computer Security (INFR10067)
Co-requisites
Prohibited Combinations Other requirements Students must have taken a Human-Computer Interaction course OR a Computer Security course previously. Courses from other universities are acceptable; however, students are advised to consult the course website to make certain that their prior courses have covered the necessary material. A general familiarity with computer science and programming are recommended.
Information for Visiting Students
Pre-requisitesCourses from other universities are acceptable; however, students are advised to consult the course website to make certain that their prior courses have covered the necessary material.
A general familiarity with computer science and programming are recommended.
Course Delivery Information
Academic year 2019/20, Available to all students (SV1) Quota:  None
Course Start Semester 2
Timetable Timetable
Learning and Teaching activities (Further Info) Total Hours: 100 ( Lecture Hours 18, Seminar/Tutorial Hours 3, Feedback/Feedforward Hours 2, Summative Assessment Hours 20, Programme Level Learning and Teaching Hours 2, Directed Learning and Independent Learning Hours 55 )
Assessment (Further Info) Written Exam 80 %, Coursework 20 %, Practical Exam 0 %
Additional Information (Assessment) Written Examination 80%
Practical Examination 0%
Coursework 20%

Feedback Course feedback will be solicited mid-semester using paper forms. Feedback response will be given in lecture.
Exam Information
Exam Diet Paper Name Hours & Minutes
Main Exam Diet S2 (April/May)2:00
Learning Outcomes
On completion of this course, the student will be able to:
  1. Basic understanding of key topics in Security, Privacy, and Human-Computer Interaction.
  2. Be able to identify privacy and security concerns in different contexts.
  3. Critically evaluate the literature to develop an academically-informed view of proposed security and privacy solutions from a human factors perspective.
  4. Design studies to rigorously evaluate the usability of a security or privacy tool.
  5. Apply techniques and design approaches to security and privacy problems to create usable solutions.
Reading List
Required readings will be primarily from open access papers listed on the course website.

The below readings [1] and [2] are textbooks which summarize key research papers in the area and are therefore highly recommended. [3] and [4] are the textbooks for Computer Security and HCI respectfully and are recommended for students who need more background in those subjects.

1. Usable Security: History, Themes, and Challenges by Simson Garfinkel and Heather Richter Lipford
2. Security and Usability: Designing Secure Systems that People Can Use by Lorrie Cranor and Simson Garfinkel
3. Introduction to Computer Security Goodrich et al.
4. Human-Computer Interaction by Dix, Finlay, Abowd and Reale
Additional Information
Graduate Attributes and Skills - Be able to identify and handle situations involving potential breaches of privacy and ethics.
- Develop skills reading research papers and critically analyzing their study methodologies.
- Be able to identify and handle situations involving potential breaches of privacy and ethics.
- Develop skills reading research papers and critically analyzing their study methodologies.
KeywordsHuman-Computer Interaction,Cyber Security,Privacy,Human Factors of Privacy and Security,USec
Contacts
Course organiserDr Kami Vaniea
Tel: (0131 6)50 2870
Email:
Course secretaryMr Gregor Hall
Tel: (0131 6)50 5194
Email:
Navigation
Help & Information
Home
Introduction
Glossary
Search DPTs and Courses
Regulations
Regulations
Degree Programmes
Introduction
Browse DPTs
Courses
Introduction
Humanities and Social Science
Science and Engineering
Medicine and Veterinary Medicine
Other Information
Combined Course Timetable
Prospectuses
Important Information