[talks] S Gaw preFPO

Melissa M Lawson mml at CS.Princeton.EDU
Fri Feb 9 09:10:35 EST 2007

Shirley Gaw will present her preFPO on Thursday February 15 at 4:30PM in Room 302 (note
The members of her committee are  Ed Felten, advisor; Paul Dourish (UC Irvine) and Brian
Kernighan, readers; Perry Cook and Olga Troyanskaya, non-readers.  Everyone is invited to
attend her talk.  Her abstract follows below.

Human factors are considered one of the "weakest links" in computer security.  That is,
there is a gap between the theoretical security of a system and the practical security of
a system.  My thesis addresses this gap by understanding how users observe or avoid secure
practices.  The central argument of my thesis is that a sociological approach to computer
security is a missing but necessary foundation for addressing the "weakest link" in secure
systems.  While we may have intuitions about human behavior, simplistic models of users
fail to capture the underlying complexity of their practices in real situations, including
both their adoption of security technologies and their implementation of security
policies.  I will illustrate this by discussing results from three studies investigating
the human side of computer security: use of encrypted e-mail in an activist organization,
password management practices of undergraduates, and privacy concerns of knowledge
   Finally, I will discuss how results from sociological approaches can inspire design for
novel systems.  We are working on using the results from the encrypted e-mail study to
design a communication system where interaction relies on implicit cues of user
involvement and trust built over time.

More information about the talks mailing list