The Alnwick Garden is one of the most exciting contemporary gardens on earth. A garden for gardeners with a design that looks to the future. It's a stunning attraction and a floral wonderland.
You can see acres of fascinating plants, water sculptures and the infamous Poison Garden. The landscape is eclectic, from the gentle waves of colour and scent in the Rose Garden to the riotous, spellbinding water displays of the centrepiece the Grand Cascade. The pergola-covered paths of the rose garden combine shrub and climbing roses with clematis and honeysuckle, and the Ornamental Garden features the best of European garden design and planting. In the Serpent Garden, eight water sculptures nestle in the coils of a topiary serpent, while the Poison Garden holds dangerous plants and their stories.
A short walk from the Garden is Alnwick Castle, one of the largest
inhabited castles in England, and proudly known as 'The Windsor of
the North'. Built as a medieval fortress, today it is home to the
Duke and Duchess of Northumberland and their family. Alnwick Castle
was featured as Hogwarts in the first two Harry Potter films.
Scenes filmed at the castle include the first Quidditch lesson in Harry Potter and The Philosopher's Stone and the crash landing of the flying Ford Anglia in Harry Potter and The Chamber of Secrets.
Keynote talk
Keynote speaker: Harold
Thimbleby, Swansea University
Security & safety overlaps
Safety is a dual of security: while security is about stopping bad people doing bad things, safety is about stopping good people doing bad things. However, by definition, there are no good people who want to do bad things, and this changes everything.
This talk, based in experience of medical safety particularly with embedded computers, explores the cultural misdirection that presents system error as human error, and the ubiquitous consequences of that. The dual process model of human cognition (popularized by Nobel Prize winner Daniel Kahneman) is shown to lead to a pro-active role for engineering approaches to improve safety. We thus show some automated techniques that can be used to criticize defective designs in hindsight, can be used proactively in procurement, or can be used to improve future systems.
If we could miraculously improve medical engineering, hospitals would kill fewer people. The practical problem facing us is therefore to find out how to align the interests of victims with the interests of the providers, another overlap between security and safety.
Bio: Prof Harold Thimbleby is well known for his work in human-computer interaction, but he recently turned his attention more specifically to human-computer interaction in the medical context after one of his students spent time in intensive care. He has been elected an honorary fellow of the Royal College of Physicians, “the highest honour the RCP can bestow on a non-medically qualified person.” See www.harold.thimbleby.net
POSTERS
UserCSP- User Specified Content Security Policies
Kailas Patil (National University of Singapore), Tanvi Vyas, Frederik
Braun, and Mark Goodwin (Mozilla Corporation), and Zhenkai Liang (National University of Singapore)
Anti-phishing System Link-back to Login Page from Footprint
Saki Naguchi, Nami Hidaka, and Manabu Okamoto (Kanagawa Institute of Technology)
Input Password Only with Arrow Keys
Nami Hidaka, Saki Naguchi, and Manabu Okamoto (Kanagawa Institute of Technology)
Identity Management Futures: Assessing Privacy and Security Concerns of the Young and Old
Lisa Thomas and Pam Briggs (Northumbria University)
Information Disclosure between Different Groups on Social Networking Sites
Lili Nemec Zlatolas and Tatjana Welzer Druzovec (University of Maribor, Faculty of Electrical Engineering and Computer Science)
Hide and seek: On the disparity of browser security settings
Alexios Mylonas, Nikolaos Tsalis, and Dimitris Gritzalis (Athens University of Economics & Business)
Towards an app-driven Mobile Authentication Model
Nicholas Micallef, Mike Just, Lynne Baillie, and Gunes Kayacik (Glasgow Caledonian University)
Handsfree ZRTP - A Novel Key Agreement for RTP, Protected by Voice Commitments
Dominik Schürmann and Stephan Sigg (TU Braunschweig)
Balancing usability and security in the business cloud authentication
Joona Kurikka and Marko Nieminen (Aalto University)
Influence of the knowledge level about information security on Anshin factors
Dai Nishioka, Yoshia Saito, and Yuko Murayama (Software and Information Science, Iwate Prefectural University, Japan)
SHRT – New method of URL shortening including relative word of target URL
Soojin Yoon, Jeongeun Park, Changkuk Choi, and Seungjoo Kim (CIST(Center for Information Security Technologies), Korea University)
Similarity Assessment Metrics of Hybrid Images for Graphical Password
Madoka Hasegawa, Keita Takahashi, and Shigeo Kato (Utsunomiya University)
Highlighting Disclosure of Sensitive Data on Android Application with Static Analysis
Takuya Sakashita, Shinpei Ogata, Haruhiko Kaiya, and Kenji Kaijiri (Shinshu University)
Memorability of Computer Security Posters as Affected by Message Type
Mitchell Kajzer, Charles R. Crowell, and Angela Ferreira (University of Notre Dame), John D’Arcy (University of Delaware), and Dirk VanBruggen and Aaron Striegel (University of Notre Dame)
Android + Open Wi-Fis = Broken SSL?
Marten Oltrogge, Sascha Fahl, Marian Harbach, and Matthew Smith (DCSEC, Leibniz University Hannover)
Visual Password Checker
Kyriakos Kafas (University of Cambridge, UK) and Nouf Aljaffan and Shujun Li (University of Surrey, UK)
Towards a Model for Analysing Anti-Phishing Authentication Ceremonies
Edina Hatunic-Webster, Fred Mtenzi, and Brendan O'Shea (Dublin Institute of Technology)
Ephermality in Social Media
Erik Northrop and Heather Lipford (UNC Charlotte)
Content and Context for Browser Warnings
Melanie Volkamer and Steffen Bartsch (CASED, TU Darmstadt) and Erik Northrop (UNC Charlotte)
Understanding and Using Anonymous Credentials
Zinaida Benenson (University of Erlangen-Nuremberg), Ioannis Krontiris (Goethe University Frankfurt), Dominik Schröder and Alexander Schopf (University of Erlangen-Nuremberg), Kai Rannenberg (Goethe University Frankfurt), and Yannis Stamatiou and Vasia Liagkou (Computer Technology Institute Patras)
Waiting Makes the Heart Grow Fonder and the Password Grow Stronger: Experiments in Nudging Users to Create Stronger Passwords
Nathan Malkin, Shriram Krishnamurthi, and David H. Laidlaw (Brown University)
Exploring user perceptions of authentication scheme security
Ann Nosseir (British University in Egypt) and Sotirios Terzis (University of Strathclyde)
Preliminary Investigation of an NFC-Unlock Mechanism for Android
Sandra Flügge, Hannes Scharf, Sascha Fahl, and Matthew Smith (University of Hannover)
On the Usability of Secure GUIs
Atanas Filyanov and Aysegul Nas (Ruhr-University Bochum), Melanie Volkamer (TU Darmstadt), and Marcel Winandy (Ruhr-University Bochum)
Helping users review and make sense of access policies in organizations
Pooya Jaferian, Hootan Rashtian, and Konstantin Beznosov (University of British Columbia)
Posters Showcasing Usable Privacy and Security Papers Published in the
Past Year at Other Conferences
The post that wasn’t: exploring self-censorship on Facebook
Manya Sleeper, Rebecca Balebako, Sauvik Das, Amber Lynn McConahy, Jason Wiese, and Lorrie Faith Cranor (Carnegie Mellon University)
(Previously published at CSCW 2013)
Secure communication based on ambient audio
Dominik Schürmann and Stephan Sigg (TU Braunschweig)
(Previously published in IEEE Transactions on Mobile Computing 2013)
Someone To Watch Over Me
Heather Richter Lipford (University of North Carolina at Charlotte) and Mary Ellen Zurko (Cisco Systems)
(Previously published at NSPW 2012)
To Deceive or Not to Deceive! Ethical Questions in Phishing Research
Rasha Salah El-Din (University of York)
(Previously published in the British HCI 2012 Workshop Proceedings)
Usable Security in the Developing World: The Case of Mobile-Based Branchless Banking
Saurabh Panjwani (Bell Labs India)
Previously published at ACM DEV 2013 as Practical Receipt Authentication for Branchless Banking
SOUPS 2013 is sponsored by Carnegie Mellon CyLab
