Obiettivo Usability problems are a major cause of many of today’s IT-security incidents. Security systems are often too complicated, time-consuming, and error prone. For more than a decade researchers in the domain of usable security (USEC) have attempted to combat these problems by conducting interdisciplinary research focusing on the root causes of the problems and on the creation of usable security mechanisms. While major improvements have been made, to date USEC research has focused almost entirely on the non-expert end-user. However, many of the most catastrophic security incidents were not caused by end-users, but by developers or administrators. Heartbleed and Shellshock were both caused by single developers yet had global consequences. The recent Sony hack compromised an entire multi-national IT-infrastructure and misappropriated over 100 TB of data, unnoticed. Fundamentally, every software vulnerability and misconfigured system is caused by developers or administrators making mistakes, but very little research has been done into the underlying causalities and possible mitigation strategies. I aim to extend the frontiers of usable security by conducting foundational research into USEC methods for developers and administrators. To this end I will research and systemize the hitherto unexamined human factors in a carefully selected set of problems currently faced by developers and administrators, specifically: authentication, secure messaging, systems configuration, intrusion detection, and public key infrastructures. From this pioneering research I will extract and develop principles, methods, and best practices for conducting usability studies and research with these actors and establish a foundation for this emerging research field. In addition to these foundational methodological results, I expect to make fundamental advancements in the above application research domains by including the human factors in these currently purely technical research areas. Campo scientifico natural sciencescomputer and information sciencessoftwarenatural sciencescomputer and information sciencesdatabasesnatural sciencescomputer and information sciencescomputer securitycryptographysocial sciencespsychologyergonomics Programma(i) H2020-EU.1.1. - EXCELLENT SCIENCE - European Research Council (ERC) Main Programme Argomento(i) ERC-StG-2015 - ERC Starting Grant Invito a presentare proposte ERC-2015-STG Vedi altri progetti per questo bando Meccanismo di finanziamento ERC-STG - Starting Grant Istituzione ospitante RHEINISCHE FRIEDRICH-WILHELMS-UNIVERSITAT BONN Contribution nette de l'UE € 1 498 976,00 Indirizzo REGINA PACIS WEG 3 53113 Bonn Germania Mostra sulla mappa Regione Nordrhein-Westfalen Köln Bonn, Kreisfreie Stadt Tipo di attività Higher or Secondary Education Establishments Collegamenti Contatta l’organizzazione Opens in new window Sito web Opens in new window Partecipazione a programmi di R&I dell'UE Opens in new window Rete di collaborazione HORIZON Opens in new window Costo totale € 1 498 976,00 Beneficiari (1) Classifica in ordine alfabetico Classifica per Contributo netto dell'UE Espandi tutto Riduci tutto RHEINISCHE FRIEDRICH-WILHELMS-UNIVERSITAT BONN Germania Contribution nette de l'UE € 1 498 976,00 Indirizzo REGINA PACIS WEG 3 53113 Bonn Mostra sulla mappa Regione Nordrhein-Westfalen Köln Bonn, Kreisfreie Stadt Tipo di attività Higher or Secondary Education Establishments Collegamenti Contatta l’organizzazione Opens in new window Sito web Opens in new window Partecipazione a programmi di R&I dell'UE Opens in new window Rete di collaborazione HORIZON Opens in new window Costo totale € 1 498 976,00