Course Contents
This course provides a sound and practice-oriented introduction and an overview of the foundations, methods, and applications of human-computer-interaction (HCI) in the context of usable safety, security, and privacy. The course content is deepened in the application areas of cybersecurity, data protection, and crisis informatics. Methodologically, the spectrum from usability engineering to user experience design is covered from analysis through design to evaluation.
CONTENT:
[list]
[*]Foundations and Methods (Usability Engineering and User Experience Design)
[*]Usable Safety (Crisis Informatics), Security (Cybersecurity) und Privacy (Data Protection)
[*]International/cultural aspects and trends
[/list]
STRUCTURE:
[list]
[*]Introduction and Overview
[*]Foundations and Methods (Usability Engineering and User Experience Design of Safety- and Security-Critical Systems)
[*]Usable Safety (Business Continuity and Cooperation in Authorities, Public Warning in Disaster Events, Social Media in Emergencies, Crises and Catastrophes, Social Media Analytics for Companies and Authorities)
[*]Usable Security (Human Factors in Security, Tools for Usable (Cyber-)Security)
[*]Usable Privacy (Usable Solutions for Data Protection, Privacy-Enhancing Technologies)
[*]Outlook (International/ cultural aspects, Trends and Developments)
[/list]
Literature
Reuter, C. (Ed.) (2021) Sicherheitskritische Mensch-Computer-Interaktion: Interaktive Technologien und Soziale Medien im Krisen- und Sicherheitsmanagement, Wiesbaden: Springer Vieweg. [url]http://www.buch-sec-mci.chreu.de[/url]
Preconditions
Recommended prerequisites include a foundation in at least one of the following areas: computer science, cyber security and privacy, human-computer interaction, or peace and conflict studies, as well as basic knowledge of the subject areas covered by PEASEC.
Further Information
Further information on lectures of PEASEC can be found at [url=http://www.peasec.de/teaching]www.peasec.de/teaching[/url]
You can find the Moodle-course at [url=http://www.usp.peasec.de]www.usp.peasec.de[/url]
Online Offerings
moodle
- Lecturer: Kilian Demuth
- Lecturer: Markus Henkel
- Lecturer: Marc-André Kaufhold
- Lecturer: Christian Reuter
Digital Teaching
Course website: https://encrypto.de/CRYPROT
Course Contents
Cryptographic protocols allow parties with potentially conflicting interests to jointly perform certain tasks. This course covers basic and advanced constructions for cryptographic protocols and their applications, including Commitments, Secure Coin Flipping, Zero-Knowledge Proofs, Mixnets, Anonymous Credentials, Private Information Retrieval, Secure Multiparty Computation, and Hardware-assisted Cryptographic Protocols.
Preconditions
Basic knowledge in applied cryptography is strongly recommended, e.g., by successfully completing the course "Computer System Security" or "Introduction to Cryptography".
Online Offerings
moodle
- Lecturer: Thomas Schneider
In the event of a cyber incident like a Distributed Denial of Service (DDoS) attack, widespread malware infection, or data breach, organisations must act swiftly to continue or restore operations and maintain stakeholders' trust. This course delves into the concepts of decision-making in preparation and response to cyber incidents.
The focus in this course will be rational decision-making. Rational here means that the investments made and the measures taken should be both effective and efficient. As we will discuss quite some regularly taken measures aimed to improve cyber security have no proven proportionality.
We will use the concept of the safety chain to help determine what investments in preparation are effective and efficient.
Another core concept is the use of resilience in organizations. We discuss three interrelated concepts: a resilient cyber decision-making process, a resilient cyber decision, and a cyber resilient performance. As we will show the relationship between three concepts is not trivial. Drawing on the principles of naturalistic decision-making (NDM), we demonstrate that a resilient cyber decision-making process during cyber incidents requires anticipation of and overcoming inherent flaws in decision-making, which, while theoretically feasible, proves challenging for professionals under severe time constraints and uncertainty.
The course will furthermore rely on interaction of the students with their host-organization, for which the students will write an advice on proportional cyber security policies (see ‘examinierung’), so the students get an insight on practical cyber security.
Expected Number of Participants
max. 40
Further Information
[url]https://cipr.peasec.de[/url]
Additional Information
There will physical and online colleges, as well as an advice to be written.
The course will start with a two-day intensive and immersive session during which the basics of the governance of safety and security are covered. This will be the base for the specific course content on cyber incident preparation and response.
During the semester there will be weekly on-line colleges during which specific themes are covered, and the exam-advice development (see below under ‘Examinierung’) will be discussed.
Guest lectures will be given by o.a. dr. Jelle Groenendaal, o.a. former senior IT-security advisor with an international operating Dutch-based bank whose work will be part of the literature studied. This will give students the chance to interact with ‘reflective practitioners’ on the domain.
The course will end as it begins, that is with a two-day session in which the concept of the exam advice will be presented (this will be a base for the grades), discussed and whenever necessary improved.
Students must be present during the two-day sessions and during 90% of the online lectures as there will be no recordings due to the sometimes confidential content shared.
- Lecturer: Ira Helsloot
- Lecturer: Christian Reuter