Human Factors in Security and Privacy Group

Whenever a computing system requires interaction with users, e.g., when users have to manage passwords or adjust their privacy settings, decisions have to be made on both sides – on the side of the users and on the side of the security experts. In the Human Factors in Security and Privacy Group, we take a closer look at how people interact with security and privacy mechanisms. We investigate security and privacy attitudes and behavior of end users and of security experts.

Research questions cover the following fields but are not limited to it:

  • Mental models of security and privacy
  • Risk perception and decision making in security and privacy context
  • Security and privacy in the Internet of Things

We are especially committed to the notion of evidence-based security: Just like in the evidence-based medicine, the value is placed on robust experimental methods, careful data analysis and integration of users’ needs and priorities into security management processes.