#	Pagina
attuale pagina	/open-h2020/projects/204702/index.html

Opendata, web and dolomites

USECFrontiers SIGNED

Frontiers of Usable Security – Principles and Methods for Administrator and Developer Usable Security Research

Total Cost €

EC-Contrib. €

Partnership

Views

Outcomes and
results

USECFrontiers project word cloud

Explore the words cloud of the USECFrontiers project. It provides you a very rough idea of what is the project "USECFrontiers" about.

root complicated interdisciplinary frontiers misconfigured compromised domains almost faced infrastructures date decade fundamentally of expert misappropriated caused actors messaging foundational usable authentication usability strategies software intrusion human unnoticed creation heartbleed foundation made unexamined little had consuming entire error causes shellshock conducting fundamental configuration single too data time catastrophic mistakes principles sony hitherto infrastructure administrators improvements mitigation national global pioneering security attempted extract secure hack domain practices public developers causalities advancements systemize purely carefully tb prone usec underlying vulnerability methodological mechanisms incidents entirely detection extend combat

Project "USECFrontiers" data sheet

The following table provides information about the project.

Coordinator	RHEINISCHE FRIEDRICH-WILHELMS-UNIVERSITAT BONN Organization address address: REGINA PACIS WEG 3 city: BONN postcode: 53113 website: www.uni-bonn.de contact info title: n.a. name: n.a. surname: n.a. function: n.a. email: n.a. telephone: n.a. fax: n.a.
Coordinator Country	Germany [DE]
Total cost	1˙498˙976 €
EC max contribution	1˙498˙976 € (100%)
Programme	1. H2020-EU.1.1. (EXCELLENT SCIENCE - European Research Council (ERC))
Code Call	ERC-2015-STG
Funding Scheme	ERC-STG
Starting year	2016
Duration (year-month-day)	from 2016-08-01 to 2021-07-31

Partnership

Take a look of project's partnership.

#	participants	country	role	EC contrib. [€]
1	RHEINISCHE FRIEDRICH-WILHELMS-UNIVERSITAT BONN RHEINISCHE FRIEDRICH-WILHELMS-UNIVERSITAT BONN Organization address address: REGINA PACIS WEG 3 city: BONN postcode: 53113 website: www.uni-bonn.de contact info title: n.a. name: n.a. surname: n.a. function: n.a. email: n.a. telephone: n.a. fax: n.a.	DE (BONN)	coordinator	1˙498˙976.00

Map

Project objective

Usability problems are a major cause of many of today’s IT-security incidents. Security systems are often too complicated, time-consuming, and error prone. For more than a decade researchers in the domain of usable security (USEC) have attempted to combat these problems by conducting interdisciplinary research focusing on the root causes of the problems and on the creation of usable security mechanisms. While major improvements have been made, to date USEC research has focused almost entirely on the non-expert end-user. However, many of the most catastrophic security incidents were not caused by end-users, but by developers or administrators. Heartbleed and Shellshock were both caused by single developers yet had global consequences. The recent Sony hack compromised an entire multi-national IT-infrastructure and misappropriated over 100 TB of data, unnoticed. Fundamentally, every software vulnerability and misconfigured system is caused by developers or administrators making mistakes, but very little research has been done into the underlying causalities and possible mitigation strategies. I aim to extend the frontiers of usable security by conducting foundational research into USEC methods for developers and administrators. To this end I will research and systemize the hitherto unexamined human factors in a carefully selected set of problems currently faced by developers and administrators, specifically: authentication, secure messaging, systems configuration, intrusion detection, and public key infrastructures. From this pioneering research I will extract and develop principles, methods, and best practices for conducting usability studies and research with these actors and establish a foundation for this emerging research field. In addition to these foundational methodological results, I expect to make fundamental advancements in the above application research domains by including the human factors in these currently purely technical research areas.

Publications

List of publications.
year	authors and title	journal	last update
2019	Katharina Krombholz, Karoline Busse, Katharina Pfeffer, Matthew Smith, Emanuel von Zezschwitz, \"\"\"If HTTPS Were Secure, I Wouldn\'t Need 2FA\"\" - End User and Administrator Mental Models of HTTPS\" published pages: , ISSN: , DOI: 10.1109/sp.2019.00060	IEEE Symposium on Security and Privacy (SP)	2019-06-07
2019	Karoline Busse, Juila SchÃ¤fer, Matthew Smith Replication: No One Can Hack My MindRevisiting a Study on Expert and Non-Expert Security Practices and Advice published pages: , ISSN: , DOI:	Symposium on Usable Privacy and Security	2019-06-07
2016	Matthew Green, Matthew Smith Developers are Not the Enemy!: The Need for Usable Security APIs published pages: 40-46, ISSN: 1540-7993, DOI: 10.1109/msp.2016.111	IEEE Security & Privacy 14/5	2019-06-07

Are you the coordinator (or a participant) of this project? Plaese send me more information about the "USECFRONTIERS" project.

For instance: the website url (it has not provided by EU-opendata yet), the logo, a more detailed description of the project (in plain text as a rtf file or a word file), some pictures (as picture files, not embedded into any word file), twitter account, linkedin page, etc.

Send me an email (fabio@fabiodisconzi.com) and I put them in your project's page as son as possible.

Thanks. And then put a link of this page into your project's website.

The information about "USECFRONTIERS" are provided by the European Opendata Portal: CORDIS opendata.