Usable Security & Privacy

Learning from Biological Intelligence for Complex Systems

If it’s not usable, it’s not secure.

Angela Sasse
The Usable Security and Privacy subject examines how human factors impact privacy and security. Many of the privacy and security problems that plague today’s online world are the result of a failure of system designers to consider their intended users. It is necessary to conduct basic research on human behavior to understand how people make decisions about their privacy and security, how they interact with privacy and security mechanisms, and ultimately how to design computer systems that result in improved privacy and security outcomes.

By its nature, the research that is perform is highly interdisciplinary.
– design and evaluation of new usable security & privacy technology
– ethical, psychological, sociological and economic aspects of security & privacy technologies
– evaluation of usability issues of existing security & privacy models or technology
– foundations of technical and human factors
– impact of organizational policy on security and privacy interaction
– lessons learned from designing, deploying, managing or evaluating security & privacy technologies
– methodology for usable security & privacy research
– techniques from human-computer interaction (HCI) to solve computer security and online privacy problems
– qualitative research methods, such as interviews and ethnography, to understand the breadth of problems
– quantitative methods, such as large-scale surveys, measurement studies, and controlled laboratory experiments
– maintain many robust collaborations with both social scientists (e.g., psychologists and behavioral economists) and computer scientists (e.g., systems designers and cryptographers)

Our working group is a forum for the exchange of ideas and interdisciplinary cooperation on the subject of user-friendly information security. The Usable Security & Privacy working group deals with approaches and concepts that align security- and privatity-enhancing processes for software and interactive products more closely with the goals and tasks of users and ensure that the functioning of security elements can also be understood by non-experts. When purchasing software and technical products, their security is one of the central selection criteria. However, the everyday use of these products often results in security gaps in the handling of sensitive data, if existing security functions and mechanisms are incorrectly or not at all used by users due to a lack of usability. Interactive systems must therefore be equipped with security elements in both private and business environments that are comprehensible and usable for all user groups.

We analyse the field of action Usable Security & Privacy and investigate the needs of different user groups.

Design tools
We develop principles, patterns, guidelines and best practices that help in the practical implementation of Usable Security & Privacy.

Public Relations
We inform about Usable Security & Privacy in scientific and application-oriented publications, lectures and workshops.

For more information on this topic visit


Wikipedia article Usable Security & Privacy


For more information about our work visit

Also you can download our technical journal here.

And if you want to contribute to the next workshop visit

If you are looking for the next workshop visit my subpage Activity.