Keynote Speaker

Angela Sasse_06

“They’re requirements, Jim, but not as we know them” -
managing usability and security requirements during the development process

Angela Sasse, University College London

The need for more usable security solutions was established by 2 papers published in 1999 – Whitten & Tygar’s “Why Johnny Can’t Encrypt” and Adams & Sasse’s “Users Are Not The Enemy”. But 15 years on, there are still few examples of software that is secure and usable, and many with security that users either ignore or bypass. Based on an as yet unpublished study, I will argue that not eliciting and specifying security and usability attributes in sufficient detail at the requirement stage is the cause of the problem, and discuss what changes to processes and tools should be made to overcome this.


M. Angela Sasse is the Professor of Human-Centred Technology and Head of Information Security Research in the Department of Computer
Science at University College London (UCL), UK.  Over the past 15 years, her team has conducted pioneering research  to understand how humans understand security, privacy, identity and  trust. She has 200 peer-reviewed publications, and is currently the Director of the UK Research Institute in Science of Cyber Security (RISCS).

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s