Usable Security And Privacy

Spring 2022 CMSC-23210/33210 @ University of Chicago


Regardless of how secure a system is in theory, failing to consider how humans actually use the system leads to disaster in practice. This course will examine how to design for security and privacy from a user-centered perspective by combining insights from computer systems, human-computer interaction (HCI), and public policy. We will introduce core security and privacy technologies, as well as HCI techniques for conducting robust user studies. Topics will include usable authentication, user-centered web security, anonymity software, privacy notices, security warnings, and data-driven privacy tools in domains ranging from social media to the Internet of Things. Students will complete weekly problem sets, as well as conduct novel research in a group capstone project. No prior experience in security, privacy, or HCI is required.

Course Outcomes:

  • Gain an appreciation for the importance of usable privacy and security

  • Learn about current research in usable privacy and security

  • Learn how to conduct robust user studies

  • Learn how to critique and evaluate usable privacy and security studies



Prof. Marshini Chetty

Crerar 355

<my first name>

Teaching Assistants:

  • Walker Cook <jwcook>

  • David Liu <liudavid>

  • Ana Rath <anarath>

Class Location and Time:

Lectures: Tuesdays, Thursdays, 11-12:20 pm, Ryerson Phys Lab 251

Office Hours:

  • Thursdays 3-4pm (Crerar 355; sign up in advance by sending a Slack message to Marshini)

Communications and Assignment Submissions:

We will use Slack for all course communications and CANVAS and Gradescope for submissions. Please do not use CANVAS for any communications to the teaching team.