|Description | Required Texts | Schedule | Requirements ||
Spring 2006: Wean Hall 5409, Tuesdays and Thursdays 9-10:20 am
Class web site: http://cups.cs.cmu.edu/courses/ups-sp06/
Class mailing list: http://cups.cs.cmu.edu/mailman/listinfo/ups
Professor: Lorrie Cranor
Professor: Michael Reiter
Professor: Jason Hong
There is growing recognition that technology alone will not provide all of the solutions to security and privacy problems. Human factors play an important role in these areas, and it is important for security and privacy experts to have an understanding of how people will interact with the systems they develop. This course is designed to introduce students to a variety of usability and user interface problems related to privacy and security and to give them experience in designing studies aimed at helping to evaluate usability issues in security and privacy systems. The course is suitable both for students interested in privacy and security who would like to learn more about usability, as well as for students interested in usability who would like to learn more about security and privacy. Much of the course will be taught in a graduate seminar style in which all students will be expected to do a weekly reading assignment and each week different students will prepare a presentation for the class. Students will also work on a group project throughout the semester. The course is open to all graduate students who have technical backgrounds. Juniors and seniors may enroll with permission of one of the instructors.
Readings will be assigned from the following text (available in the CMU bookstore and from all the usual online stores). Additional readings will be assigned from papers available online or handed out in class.
Note, this is subject to change. The class web site will have the most up-to-date version of this calendar.
This class will have no final exam, however, the final exam period on May 9 at 9 am will be used for final project presentations. Final project papers will be due May 12 at 4pm.
Cheating and plagiarism will not be tolerated. Students caught cheating or plagiarizing will receive no credit for the assignment on which the cheating occurred. Additional actions -- including assigning the student a failing grade in the class or referring the case for disciplinary action -- may be taken at the discretion of the instructors.
Your final grade in this course will be based on:
Homework assignments for this class will include reading summaries and lecture notes. Your two lowest homework grades will be dropped from your homework average.
Students are expected to do reading assignments prior to class so that they can participate fully in class discussions. Students must submit a short summary (3-8 sentences) and a "highlight" for each chapter or article in the reading assignment. The highlight may be something you found particularly interesting or noteworthy, a question you would like to discuss in class, a point you disagree with, etc. Summaries and highlights are due in class at 9:15 am each Tuesday. Summaries and highlights will not be accepted late. If you do not attend class, you will not be permitted to submit your summaries and highlights.
Students will be assigned to take notes during one or more of the class lectures. Each set of notes will count as an additional homework assignment. Notes should be emailed to the instructors as text, HTML, or PDF (with accompanying Word or Latex) within 48 hours of the lecture for which they were taken. These notes will be posted on the class web site. In addition, the instructors may include all or part of your notes in an instructor's guide they are writing for future usable privacy and security courses.
Each student will be assigned a class lecture to prepare and present. The lecture should be based on the topics covered in that week's reading assignment, but it should go beyond the materials in the reading. For example, you might read and present some of the related work mentioned in the reading or that you find on your own (the HCISec Bibliography is a good starting point for finding relevant papers), you might present some of the optional reading materials, you might demonstrate software mentioned in the reading, you might critique a design discussed in the reading, or you might design a class exercise for your classmates. As part of your lecture you should prepare several discussion questions and lead a class discussion. You should also introduce your fellow students to terminology and concepts they might not be familiar with that are necessary to understand the material you are presenting. You should email to the instructors a set of PowerPoint slides including lecture notes and discussion questions. These slides will be posted on the class web site. In addition, the instructors may include all or part of your presentation slides and notes in an instructor's guide they are writing for future usable privacy and security courses.
Students will work on semester projects in small groups that include students with a variety of areas of expertise. Each project group will propose a project. It is expected that most projects will involve the design of a user study to evaluate the design of an existing or proposed privacy- or security-related system or gain insight into users' attitudes or mental models related to some aspect of security or privacy. Groups with ideas for other types of projects should discuss them with the professors before submitting their project proposals. As part of the project students will: