T-110.5220 Information Security and Usability P (3 cr)

Exam 13.5.2011


This exam has two parts.

Answer 2 questions from part I and 1 analysis task from part II.

Part I: Answer 2 out of the 3 questions.

Question 1: Describe usable security as a research field: when did it emerge and why, what kind of topics does it address, and what kind of methods does it use?

Question 2: In his Interactions article, Donald Norman concludes with the statement "Usable security and privacy: It's a matter of design." Explain what he means.

Question 3: The Cheskin et al. study on eCommerce Trust aimed to analyse the ingredients of online trust formation. What methods were used to gather the data? Discuss the possible strengths and weaknesses of the study.

Part II: Answer 1 of the 2 analysis tasks

Analysis task 1
Compare the trustworthiness of the following two sites on the basis of the trust elements presented in the Cheskin eCommerce Trust Study (http://www.cheskin.com/cms/files/i/articles//17__report-eComm%20Trust1999.pdf):

http://www.nowpublic.com/ and http://news.yahoo.com/

Analysis task 2
In 1999, Cranor et al. published a report on their work on Understanding Net Users' Attitudes About Online Privacy. Over ten years later, we have witnessed the upsurge of social networking tools such as Facebook or Google Buzz, among many others, that have caused a lot of stir around privacy issues. Discuss the findings of the Cranor et al. study against the new privacy issues: What has changed? How fundamental are the possible changes? Can the Cranor et al. study be used to study privacy and social networking?