|
Human Factors in Security and Privacy (HumSecPri)5 ECTS (englische Bezeichnung: Human Factors in Security and Privacy)
(Prüfungsordnungsmodul: Human Factors in Security and Privacy)
Modulverantwortliche/r: Zinaida Benenson Lehrende:
Zinaida Benenson
Startsemester: |
SS 2022 | Dauer: |
1 Semester | Turnus: |
jährlich (SS) |
Präsenzzeit: |
60 Std. | Eigenstudium: |
90 Std. | Sprache: |
Deutsch und Englisch |
Lehrveranstaltungen:
-
-
Human Factors in Security and Privacy
(Vorlesung, 2 SWS, Zinaida Benenson et al., Do, 12:15 - 13:45, K1-119 Brose-Saal)
-
Human Factors in Security and Privacy - Übung
(Übung, 2 SWS, Zinaida Benenson et al., Do, 16:15 - 17:45, K1-119 Brose-Saal)
Empfohlene Voraussetzungen:
LANGUAGE: This module will be held in German. Slides and all other written materials are in English. Assignments and exams are in English and can be answered in English or German. REQUIRED SKILLS: basic knowledge in the area of IT security and privacy, such as security goals (CIA), basic protection mechanisms (symmetric and asymmetric cryptography principles), cryptographic hash functions, digital certificates, PKI, basics of SSL/TLS. This knowledge can be acquired through the attendance of the module “Applied IT Security” or similar modules. Es wird empfohlen, folgende Module zu absolvieren, bevor dieses Modul belegt wird:
Angewandte IT-Sicherheit (WS 2021/2022)
Inhalt:
This course provides insight into the ways in which people interact with IT security. Special attention will be paid to complex environments such as companies, governmental organizations or hospitals. A number of guest talks from practitioners and researchers highlight some of the issues in greater depth. The course covers the following topics:
Terminology of security and privacy, technical and non-technical protection measures
Development and testing of usable security mechanisms (encryption and authentication tools, security policies, security warnings)
Risk perception and decision making in security and privacy context (usage of security software, reaction to security warnings, divulging information in social media)
Economics approach to security and privacy decision making (traditional and behavioral economics)
Trade-offs between the national security and surveillance (psychology behind the EU data retention directive and NSA programs)
Psychological principles of cyber fraud (scams, phishing, social engineering)
Security awareness and user education
Interplay of safety and security in complex systems
Research methods in human factors (qualitative vs. quantitative research, usability testing, experimental design, survey design, interviews)
The exercises aim at deepening the understanding of the topics and are highly relevant for examinations. We plan to conduct approximately 5-6 exercises per semester; the rest of the exercises is reserved for the guest talks. A typical exercise consist of two parts:
(1) For each topic, the students receive a homework assignment consisting of practical exercises.
(2) For each topic, the students receive 1-3 papers to read for the next exercise. The papers will be discussed in the class with the teaching assistant.
Lernziele und Kompetenzen:
Students develop a mindset that naturally takes into account typical psychological and physical characteristics of the users when developing or evaluating security- and privacy-enhancing technologies or policies.
- Wissen
-
- Verstehen
- demonstrate specific difficulties in developing and testing of usable security mechanisms
explain main psychological principles behind the cyber fraud
illustrate specific difficulties in awareness campaigns and user training in the realms of security and privacy
illustrate the influence of the psychological risk perception principles (especially under- and overestimation of risk) on security and privacy decision making
- Anwenden
- compare different approaches to the development of usable security features
apply elements of the mental models approach and of user-centered design to development and evaluation of security- and privacy-enhancing techniques
scan research papers and other materials for important points that clarify and deepen course contents
- Analysieren
- structure the relation between usability and security
contrast the approaches of traditional and behavioral economics to the explanation of security- and privacy-related behavior
argue advantages and disadvantages of mass surveillance and other kinds of mass data collection for security and privacy of citizens
- Evaluieren (Beurteilen)
-
- Erschaffen
- develop well-founded personal opinions on the course topics and defend them in the class discussions
Literatur:
We use classical and current research papers on usable security and privacy that will be introduced during the module.
Organisatorisches:
- This module will be held in German, slides are in English. Assignments will be formulated in English, and can be answered in German or English.
Written exams will be formulated in English and can be answered in German or English.
Time slots for lectures and exercises will be swapped on multiple occasions.
Die erste Übung findet in der zweiten Vorlesungswoche statt. The first exercise will take place during the second week of lectures.
The lectures will be recorded. Guest lectures and exercises might or might not be recorded, depending on concrete situations.
Verwendbarkeit des Moduls / Einpassung in den Musterstudienplan:
- Wirtschaftsinformatik (Bachelor of Science)
(Po-Vers. 2020w | ReWiFak | Wirtschaftsinformatik (Bachelor of Science) | Gesamtkonto | Wahlpflichtbereiche | Wahlpflichtbereich Informatik | Human Factors in Security and Privacy)
Dieses Modul ist daneben auch in den Studienfächern "Informatik (Bachelor of Arts (2 Fächer))", "Informatik (Bachelor of Science)", "Informatik (Master of Science)", "International Information Systems (IIS) (Master of Science)", "Mathematik (Bachelor of Science)", "Mechatronik (Master of Science)", "Medizintechnik (Bachelor of Science)", "Medizintechnik (Master of Science)" verwendbar. Details
Studien-/Prüfungsleistungen:
Human Factors in Security and Privacy (Prüfungsnummer: 658644)
(englischer Titel: Human Factors in Security and Privacy)
- Prüfungsleistung, Klausur, Dauer (in Minuten): 60, benotet, 5 ECTS
- Anteil an der Berechnung der Modulnote: 100.0 %
- Prüfungssprache: Deutsch
- Erstablegung: SS 2022, 1. Wdh.: WS 2022/2023
1. Prüfer: | Zinaida Benenson |
- Termin: 30.09.2022
Termin: 30.09.2022
|
|
|
|
UnivIS ist ein Produkt der Config eG, Buckenhof |
|
|