Usable Security (USEC)

*Paper submission deadline extended to 18 December 2015!*

Overview

Many aspects of information security combine technical and human factors. If a highly secure system is unusable, users will try to circumvent the system or move entirely to less secure but more usable systems. Problems with usability are a major contributor to many high-profile security failures today.

However, usable security is not well-aligned with traditional usability for three reasons. First, security is rarely the desired goal of the individual. In fact, security is usually orthogonal–and often in opposition–to the actual goal. Second, security information is about risk and threats. Such communication is not often welcome, and increasing unwelcome interaction is not a goal of usable design. Third, since individuals must trust their machines to implement their desired tasks, the risk communication itself may undermine the value of the networked interaction. For the individual, discrete technical problems are all understood under the rubric of online security (e.g., privacy from third parties, use of personally identifiable information, malware). A broader conception of both security and usability is therefore needed for usable security.

The NDSS Workshop on Usable Security invites submissions on all aspects of human factors and usability in the context of security and privacy. USEC 2016 aims to bring together researchers already engaged in this interdisciplinary effort with other computer science researchers in areas such as visualization, artificial intelligence and theoretical computer science as well as researchers from other domains such as economics and psychology. We particularly encourage collaborative research from authors in multiple fields.

Topics include, but are not limited to:
•    Evaluation of usability issues of existing security and privacy models or technology
•    Design and evaluation of new security and privacy models or technology
•    Impact of organizational policy or procurement decisions
•    Lessons learned from designing, deploying, managing or evaluating security and privacy technologies
•    Foundations of usable security and privacy
•    Methodology for usable security and privacy research
•    Ethical, psychological, sociological and economic aspects of security and privacy technologies

We further encourage submissions that contribute to the research community’s knowledge base:
•    Reports of replicating previously published studies and experiments
•    Reports of failed usable security studies or experiments, with the focus on the lessons learned from such experience.

It is the aim of USEC to contribute to an increase of the scientific quality of usable security and privacy research. To this end, we encourage the use of replication studies to validate research findings. This important and often very insightful branch of research is sorely underrepresented in usable security and privacy research to date. Papers in these categories should be clearly marked as such and will not be judged against regular submissions on novelty. Rather, they will be judged based on scientific quality and value to the community.

Location and Important Dates

Paper submission: 18 December 2015 11 December 2015 (11:59pm PST) – see note below on CHI submissions
Notification: 20 January 2016
Camera ready copy due: 31 January 2016
Workshop: 21 February 2016 (co-located with NDSS 2016)
Location: Catamaran Resort Hotel & Spa in San Diego, California.

Submission Instructions

Papers should be written in English. Full papers must be no more than 10 pages total (including references and appendices). Papers must be formatted for US letter size (not A4) paper in a two-column layout, with columns no more than 9.25 inch high and 3.5 inch wide. The text must be in Times font, 10-point or larger, with 11-point or larger line spacing. Authors are encouraged to use the NDSS provided templates (https://www.internetsociety.org/events/ndss-symposium/ndss-templates).

We also invite short papers of up to 6 pages covering work in progress, short communications, as well as novel or provocative ideas. Short papers will be selected based on their potential to spark interesting discussions during the workshop.
Papers that contribute to the research community’s knowledge base such as studies replicating previous results can be submitted as full or short papers.

Submissions do not have to be anonymized for review. Please clearly refer to your own related work.

Note: USEC would like to accommodate those who are waiting to hear back about their CHI 2016 submissions but who would like to also submit their work for consideration for USEC. The CHI decision notification is expected to be December 14, 2015. Owing to the overlapping dates for both conferences, we have made allowances *in this instance only* for duplicate submissions. Please read the following information carefully. You may submit work already submitted to the CHI “Papers & Notes” track to USEC 2016 before you receive your acceptance notification from CHI, provided that: 1. you clearly indicate on the manuscript that the work has been submitted to CHI 2016; 2. you email the PC chair ([email protected]) at the time of submission to USEC; 3. you inform the PC chair immediately when you are notified about the status of your CHI submission. Any work accepted for publication at CHI will be withdrawn from consideration for USEC 2016.

The proceedings will be published by the Internet Society.

Submission Site

https://easychair.org/conferences/?conf=usec2016

Program Committee Chair

Tara Whalen, Google

Program Committee

Adam Aviv, United States Naval Academy
Rebecca Balebako, RAND Corporation
Pam Briggs, Northumbria University
Sonia Chiasson, Carleton University
Heather Crawford, Florida Institute of Technology
Alexander De Luca, Google
Tamara Denning, University of Utah
Vaibhav Garg, Princeton University
Carrie Gates, Dell Research
Peter Gutmann, University of Auckland
Cormac Herley, Microsoft Research
Maritza Johnson, Google
Mike Just, Heriot-Watt University
Heather Lipford, UNC Charlotte
Terri Oda, Intel
Simon Parkin, University College London
Sara Sinclair Brody, Simply Secure
Elizabeth Stobert, ETH Zürich
Janice Tsai, Microsoft
Kami Vaniea, University of Edinburgh
Melanie Volkamer, Technische Universität Darmstadt
Rick Wash, Michigan State University
Mary Ellen Zurko, Cisco Systems