Program Overview

Introduction to Usable Security and Privacy (CS60081)

The Usable Security and Privacy course focuses on designing secure and private systems with a user-centric approach. It combines concepts from computer systems, human-computer interaction (HCI), and secure/private system design. The course introduces core security and privacy technologies, as well as HCI techniques for conducting robust user studies.

Course Description

All secure and privacy-preserving systems are ultimately used by humans, who might or might not understand the intended usage of these systems. The course will cover topics like passwords, definitions of privacy, usable encryption, authentication, privacy of archival data, usability of crypto libraries, and privacy notices.

Instructor

• Mainack Mondal

Teaching Assistants

• Suryam Arnav Kalra
• Shashvat Gupta

Course Information

Credit and Background Knowledge

• Credit (L-T-P): 3-0-0
• Background Knowledge: The course assumes familiarity with basic computer science/mathematics concepts, including:
  • Probability and statistics
  • Computer Networks and Operating systems basics
  • Basics of security (symmetric/asymmetric encryption/decryption, hashing, access control lists)
  • Computer programming (preferably in Python)

Lectures and Schedule

• Scheduled lecture timings:
  • Wednesday: 11:00 am - 11:55 am
  • Thursday: 12:00 pm - 12:55 pm
  • Friday: 8:00 am - 9:00 am
• The course will be conducted offline with a mix of live lectures and pre-recorded course videos.

Textbook and Coursework

• No specific textbooks are required; instead, publicly available research papers/book excerpts will be posted for reading and quizzes/viva.
• Coursework consists of three tests and a project (in groups of 2-3), with submissions through CSE Moodle.

Course Evaluation Components

• Mid and End Sem: 60% - Mid/end semester examinations to test students' understanding.
• Term Project + Assignment: 40% - Students will work on course projects in small groups, with an opportunity to indicate their preferences before project groups are assigned.

Project Details

• The project aims to teach the principles of usable security and privacy hands-on.
• All reports should be written in ACM double-column "sigconf" template.
• Each report should contain the student's name and roll number, with one report upload per group in Moodle.
• Project steps include:
  • Creating a group and picking a project topic.
  • Meeting with the instructor and TAs to develop the project idea.
  • Submitting a report specifying research questions, hypotheses, study design, and more.
  • Designing questionnaires, scripts, scenarios, and interview protocols.
  • Developing prototypes and software necessary for the user study.
  • Submitting an ethics committee approval application.
  • Conducting a study with at least 5 participants and presenting the final results.

Grading

• Mid/End Semester Examination: 60%
• Term Project + Assignment: 40%

Honor Code

• Students are permitted to discuss problem sets with the course staff and fellow students but must write out their own solutions.
• Consulting another student's solution or copying from any source constitutes cheating.
• No collaboration is permitted on quizzes or assignments.
• All work submitted must properly cite ideas and work that are not the students' own.

Wellness

• If a personal emergency impacts work in the class, students should inform the instructors via a private chat message so that appropriate arrangements can be made.

Copyright Policy

• All teaching materials, including course slides, homework, assignments, practice exams, and quizzes, are copyrighted.
• Reproduction, redistribution, and other rights solely belong to the instructor.
• Violating this copyright policy will be considered an academic integrity violation.