CHORUS Lab

Carleton's Human Oriented Research in Usable Security Lab

 

Conference

ACSAC 2010

by

We've just returned from ACSAC 2010 in Austin, Texas. What a change from the winter weather in Canada!  Another highlight was the "Security blankets" that they gave us instead of the usual conference bag. Elizabeth presented our paper on the first day.   It was the only usable security paper at the conference, but there was lots of audience interest and questions. Tom Longstaff's invited talk about the experimental process and the importance of gathering real data resulted in lively … [Read more...] about ACSAC 2010

FC'11 Workshop on User Authentication

by

We are organizing  a workshop on user authentication, co-located with Financial Cryptography 2011 in St. Lucia on March 4, 2011.  The workshop will consist of invited talks and expert panels. A preliminary program is available and will be updated as details are finalized. Workshop on The Future of User Authentication and Authorization on the Web: Challenges in Current Practice, New Threats, and Research Directions Friday, March 4, 2011 ---  St. Lucia … [Read more...] about FC'11 Workshop on User Authentication

PST 2010

by

Last week, IEEE's Privacy, Security, Trust conference (PST) was held here in Ottawa. The talks were an interesting mix ranging from very technical to public policy topics. I taught a half-day tutorial introducing usable security and how to run usability evaluations. We had a paper on using eye-gaze as a tool to predict likely click-based graphical password click-points: Guessing Click-Based Graphical Passwords by Eye Tracking (2010). Daniel LeBlanc, Alain Forget, Robert Biddle. … [Read more...] about PST 2010

ISSNet Summer School

by

After SOUPS, we went directly to Vancouver for the 2nd annual ISSNet Summer School held at UBC.  We had a week of tutorials on different security topics, with lots of opportunity to get to know the other members of ISSNet. Our UBC hosts were great, and organized lots of social events around the technical program. … [Read more...] about ISSNet Summer School

SOUPS and USER at Microsoft

by

SOUPS and USER were hosted at Microsoft in Redmond, WA this week. It was great to see everyone again and meet new people working in usable security. Our workshop went well, we were lucky to have several interesting papers/talks and great experts for the panel. I like SOUPS, authors of papers seem to really engage in trying to balance or increase both usability and security.  We had a couple of posters, Alain presented one about our recent CHI paper, and I presented one about our MVP framework … [Read more...] about SOUPS and USER at Microsoft

USER workshop deadline

by

The deadline for submissions to both SOUPS workshops has been extended to May 17. The USER workshop focuses on methodology and analysis issues in running usable security studies.  If you have experiences with user studies that you'd like to share, consider submitting a short paper. Details of the USER workshop are available on the SOUPS website. … [Read more...] about USER workshop deadline

PST 2010 Tutorial on Usable Security

by

The 2010 Privacy, Security, and Trust (PST) conference will be held in Ottawa this year, August 17 - 19.  I will be giving a half-day tutorial on Usable Security. The tutorial will consist of two parts: Part 1 covers an overview of Usable Security, presents relevant design principles, highlights areas where Usable Security differs from standard human-computer interaction, and discusses active research areas. Part 2 includes heuristic evaluations, cognitive walk-throughs, and different … [Read more...] about PST 2010 Tutorial on Usable Security