[talks] Distinguished Colloquium Speaker Lorrie Faith Cranor, Monday, Nov 13

Tue Nov 7 13:24:46 EST 2017

Distinguished Colloquium Speaker

Prof. Lorrie Faith Cranor, from Carnegie Mellon University Monday, November
13, 2017 - 12:30pm Computer Science - Room 105

Host: Dr. Marshini Chetty

User studies are critical to understanding how users perceive and interact
with security and privacy software and features. While it is important that
users be able to configure and use security tools when they are not at risk,
it is even more important that the tools continue to protect users during an
attack. Conducting user studies in the presence of (simulated) risk is
complicated. We would like to observe how users behave when they are
actually at risk, but at the same time we cannot harm user study
participants or subject them to increased risk. Often the risky situations
we are interested in occur relatively infrequently in the real world, and
thus can be difficult to observe in the wild. Researchers use a variety of
strategies to overcome these challenges and place participants in situations
where they will believe their security or privacy is at risk, without
subjecting them to increases in actual harm.  In some studies, researchers
recruit participants to perform real tasks not directly related to security
so that they can observe how participants respond to simulated
security-related prompts or cues that occur while users are focused on
primary tasks. In other studies, researchers create a hypothetical scenario
and try to get participants sufficiently engaged in it that they will be
motivated to avoid simulated harm. Sometimes researchers have the
opportunity to observe real, rather than simulated attacks, although these
opportunities are usually difficult to come by. Researchers can monitor real
world user behavior over long periods of time (in public or with permission
of participants) and observe how users respond to risks that occur
naturally, without researcher intervention. In this talk I will motivate the
importance of security user studies and talk about a number of different
user study approaches we have used at the CyLab Usable Privacy and Security
Lab at Carnegie Mellon University.

Lorrie Faith Cranor is a Professor of Computer Science and of Engineering
and Public Policy at Carnegie Mellon University where she is director of the
CyLab Usable Privacy and Security Laboratory (CUPS). She is associate
department head of the Engineering and Public Policy Department and
co-director of the MSIT-Privacy Engineering masters program. In 2016 she
served as Chief Technologist at the US Federal Trade Commission, working in
the office of Chairwoman Ramirez. She is also a co-founder of Wombat
Security Technologies, Inc, a security awareness training company. She has
authored over 150 research papers on online privacy, usable security, and
other topics. She has played a key role in building the usable privacy and
security research community, having co-edited the seminal book Security and
Usability (O'Reilly 2005) and founded the Symposium On Usable Privacy and
Security (SOUPS). She also chaired the Platform for Privacy Preferences
Project (P3P) Specification Working Group at the W3C and authored the book
Web Privacy with P3P (O'Reilly 2002). She has served on a number of boards,
including the Electronic Frontier Foundation Board of Directors, and on the
editorial boards of several journals. In her younger days she was honored as
one of the top 100 innovators 35 or younger by Technology Review magazine.
More recently she was elected to the ACM CHI Academy, named an ACM Fellow
for her contributions to usable privacy and security research and education,
and named an IEEE Fellow for her contributions to privacy engineering. She
was previously a researcher at AT&T-Labs Research and taught in the Stern
School of Business at New York University. She holds a doctorate in
Engineering and Policy from Washington University in St. Louis. In 2012-13
she spent her sabbatical as a fellow in the Frank-Ratchye STUDIO for
Creative Inquiry at Carnegie Mellon University where she worked on fiber
arts projects that combined her interests in privacy and security, quilting,
computers, and technology. She practices yoga, plays soccer, and runs after
her three children.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cs.princeton.edu/pipermail/talks/attachments/20171107/19c80c9b/attachment.html>