Reflecting on Twenty Years of Usable Privacy and Security

Moderator: Patrick Gage Kelley, Google
Panelists: Lorrie Faith Cranor, Carnegie Mellon University; Simson Garfinkel, BasisTech, LLC and Harvard University; Robert Biddle, Carleton University; Mary Ellen Zurko, MIT Lincoln Laboratory; Katharina Krombholz, CISPA Helmholtz Center for Information Security

Abstract: 

Lorrie Faith Cranor, Carnegie Mellon University

Lorrie Faith Cranor (lorrie.cranor.org) is the Director and Bosch Distinguished Professor in Security and Privacy Technologies of CyLab and the FORE Systems University Professor of Computer Science and of Engineering and Public Policy at Carnegie Mellon University. She directs the CyLab Usable Privacy and Security Laboratory (CUPS) and co-directs the Privacy Engineering masters program. In 2016 she served as Chief Technologist at the US Federal Trade Commission. She is also a co-founder of Wombat Security Technologies, Inc., a security awareness training company that was acquired by Proofpoint. She founded the Symposium On Usable Privacy and Security (SOUPS) and co-founded the Conference on Privacy Engineering Practice and Respect (PEPR). She has served on a number of boards, including the Electronic Frontier Foundation Board of Directors, the Electronic Privacy Information Center Advisory Board, the Computing Research Association Board of Directors, and the Aspen Institute Cybersecurity Group. She was elected to the ACM CHI Academy and named a Fellow of IEEE, ACM, and AAAS. She was previously a researcher at AT&T-Labs Research. She holds a doctorate in Engineering and Policy from Washington University in St. Louis. In 2012–2013 she spent her sabbatical as a fellow in the Frank-Ratchye STUDIO for Creative Inquiry at Carnegie Mellon University, where she worked on fiber arts projects, including a quilted visualization of bad passwords that was featured in Science Magazine as well as a bad passwords dress that she frequently wears when talking about her research. She plays soccer, walks to work, sews her own clothing with pockets, and tries not to embarrass her three young adult children.

Simson Garfinkel, BasisTech, LLC and Harvard University

Dr. Simson Garfinkel researches and writes at the intersection of AI, privacy, and digital forensics. He is a fellow of the AAAS, the ACM and the IEEE. He earned his PhD in Computer Science at MIT and a Master of Science in Journalism at Columbia University.

Robert Biddle, Carleton University

Robert Biddle is Professor of Computer Science and Cognitive Science at Carleton University in Ottawa, Canada. His research has always concerned human factors in Computer Science, drawing on principles and methods from cognitive and social sciences. The topics addressed have ranged from programming language design, to software development, and especially cybersecurity. His undergraduate studies were in Mathematics, Computer Science, and Education, and his Masters and Doctoral studies were in Computer Science. He is dual citizen of Canada and New Zealand, and his education and academic career has been in both countries. He has awards for research, teaching, and graduate mentorship. Robert is a Fellow of the New Zealand Computer Society, and a British Commonwealth Scholar.

Mary Ellen Zurko, MIT Lincoln Laboratory

Mary Ellen Zurko is a technical staff member at the Massachusetts Institute of Technology (MIT) Lincoln Laboratory. She has worked in research, product prototyping and development, and has more than 20 patents. She defined the field of user-centered security in 1996, and has worked in cybersecurity for over 35 years. She was the security architect of one of IBM’s earliest clouds, and a founding member of NASEM’s Forum on Cyber Resilience. She serves as a Distinguished Expert for NSA’s Best Scientific Cybersecurity Research Paper competition, and is on the NASEM committee identifying the key Cyber Hard Problems for our nation. Her research interests include unusable security for attackers, Zero Trust architectures for government systems, security development and code security, authorization policies, high-assurance virtual machine monitors, the web, and PKI. Zurko received a S.B. and S.M. in computer science from MIT. She has been the only “Mary Ellen Zurko” on the web for over 25 years.

BibTeX
@conference {299391,
author = {Lorrie Faith Cranor and Simson Garfinkel and Robert Biddle and Mary Ellen Zurko},
title = {Reflecting on Twenty Years of Usable Privacy and Security},
year = {2024},
address = {Philadelphia, PA},
publisher = {USENIX Association},
month = aug
}

Presentation Video