Programme
| 8:00-8:45 | Registration (Conference desk) |
| 8:45-9:00 | Welcome by the Chair (Room 004) |
| 9:00-10:00 | Keynote Talk |
|
Speaker: Sascha Fahl (Leibniz University Hannover)
Title A Holistic Approach to Secure Programming and Usable Security Research AbstractIn the age of digitalization, we see a persistent gap between the theoretical security of e.g., cryptographic algorithms and real-world vulnerabilities, data breaches, and possible attacks. As a result, secure programming and usable security challenges impact all actors involved in the creation and use of technology, ranging from system designers across administrators and developers to end-users. To successfully prevent involuntary loss of control over data and empower end-users to retain power over their security, we must take all involved actors into account. It is crucial to find the weak points and empowering all actors to strengthen the overall security. For end-users, this means e.g., working with warning messages, security indicators, and authentication mechanisms; for developers, improving APIs, documentation and developer tools; for system administrators, improving configuration languages and tools. In this talk, I demonstrate how a holistic approach to usability and secure programming helps close the gap between theoretical security and real-world deployments. |
|
| 10:00 - 10:30 | Coffee Break |
| 10:30 - 12:00 | Session 1: Methods for Socio-Technical Systems Chair: Zinaida Benenson (University of Erlangen-Nuremberg) |
| Fidelity of Statistical Reporting in 10 Years of Cyber Security User Studies | |
| Thomas Gross (Newcastle University) | |
| "I Don't Know Too Much About It": On the Security Mindsets of Computer Science Students | |
| Mohammad Tahaei, Adam Jenkins, Kami Vaniea and Maria Wolters (The University of Edinburgh) | |
| Data, data, everywhere: quantifying software developers' privacy attitudes | |
| Dirk van der Linden (University of Bristol), Irit Hadar (University of Haifa), Matthew Edwards and Awais Rashid (University of Bristol) | |
| You've left me no choices: Security economics to inform behaviour intervention support in organizations | |
| Albesë Demjaha (University College London, The Alan Turing Institute), Simon Parkin and David Pym (University College London) | |
| 12:00 - 13:30 | Lunch |
| 13:30 - 15:00 | Session 2: System Security Chair: Gabriele Lenzini (Univ. of Luxembourg) |
| What We Know About Bug Bounty Programs - an Exploratory Systematic Mapping Study | |
| Ana Magazinius, Niklas Mellegård and Linda Olsson (RISE ICT Viktoria) | |
| Association Attacks in IEEE 802.11: Exploiting WiFi Usability Features | |
| George Chatzisofroniou and Panayiotis Kotzanikolaou (University of Piraeus) | A Security Analysis of the Danish Deposit Return System |
| Ivan Garbacz, Rosario Giustolisi, Kasper Møller Nielsen and Carsten Schuermann (IT University of Copenhagen) | Moving to client-sided hashing for online authentication |
| Nikola K. Blanchard (Digitrust, Loria, Université de Lorraine), Xavier Coquand (42) and Ted Selker (University of California at Berkeley, CITRIS) | |
| 15:00 - 15:30 | Coffee Break |
| 15:30 - 17:00 | Session 3: Privacy Control Chair: Kami Vaniea (University of Edinburgh's School of Informatics) |
| A Privacy-Preserving Infrastructure for Driver's Reputation Aware Automotive Services | |
| Gianpiero Costantino, Fabio Martinelli, Ilaria Matteucci and Paolo Santi (IIT-CNR) | |
| Case study: Disclosure of indirect device fingerprinting in privacy policies | |
| Julissa Milligan, Sarah Scheffler, Andrew Sellars, Trishita Tiwari, Ari Trachtenberg and Mayank Varia (Boston University) | |
| Investigating the Effect of Incidental Affect States on Privacy Behavioural Intention | |
| Uchechi Phyllis Nwadike and Thomas Gross (Newcastle University) | |
| Which Properties Has an Icon? A Critical Discussion on Evaluation Methods for Standardised Data Protection Iconography | |
| Arianna Rossi and Gabriele Lenzini (SnT-University of Luxembourg) | |
| 17:30-17:45 | Workshop Closing and Best Paper Award |
| 17:45-20:30 | Social Activity |
| 20:30-22:00 | Gala Dinner |