Symposium On Usable Privacy and Security

In-cooperation with USENIX

Workshop on Usable Security and Privacy Education

For up-to-the-minute updates and agenda check this site:


Heather Richter Lipford, UNC Charlotte
Simson Garfinkel, NIST
Andrew Besmer, Winthrop University
Jason Watson, University of North Alabama

Lightning Talks

The Teaching Privacy Curriculum
Serge Egelman, Gerald Friedland, Julia Bernd, Dan Garcia, and Blanca Gordo; International Computer Science Institute and University of California at Berkeley
Courses for understanding the impact of privacy and security choices
Emily McReynolds; University of Washington
Developing a Standardized and Multidisciplinary Curriculum for Digital Forensics
Masooda Bashir and Roy Campbell; University of Illinois at Urbana-Champaign
Recommendations for a Graduate Seminar in Usable Security
Kent Seamons; Brigham Young University
Usable Security and Privacy in Technology Ethics Courses
Patrick Gage Kelley; University of New Mexico
Human Factors in Security and Privacy
Zinaida Benenson; Friedrich-Alexander-University Erlangen-Nuremberg, Germany
Ethnomethodology and Usable Security: The Value of Descriptive Research for Graduate Students
Hervé Saint-Louis; University of Toronto
An interdisciplinary study of phishing and spear-phishing attacks
Robin Gonzalez, Michael Locasto; University of Calgary

Scope and Focus

The past 15 years has seen a dramatic increase in attention to usable security and privacy research, yet the vast majority of computing students are being exposed to very little of this discipline. A variety of usable security courses are being taught, particularly by researchers within the SOUPS community. These courses are often electives taught to senior or graduate students, organized around the common and recent research themes in the field. One potential barrier to expanding the breadth and depth of usable security education across computing programs is the lack of a framework or body of knowledge defining what students could and should know about usable security and privacy. How do we translate the research themes and results in the field into educational topics? What are the knowledge units, skills, and learning objectives for general computing and/or security students? Such a framework could also provide topic consistency and guidance on how to integrate those knowledge units into existing and new courses; and on the types of learning materials that need to be developed based upon current and future research results.

This workshop aims to bring together educators in usable security and privacy who are interested in discussing these issues and contributing to the development of a body of knowledge. The goal of the workshop is to brainstorm and start to organize the topics, knowledge units, and skills as well as learning goals and objectives within usable security and privacy for a variety of computing students. The workshop will consist of lightning talks, discussions, and breakout sessions. The outcomes of these discussions will be documented in detail and made available on a workshop website. This will be iteratively refined by the organizers and the community throughout the following year.