The Technology Usability Lab in Privacy and Security (TULIPS) brings together a diverse set of students and researchers interested in understanding and improving the usability of security and privacy technologies. The lab is part of the University of Edinburgh's Security and Privacy group.
Adam Jenkins, Yasmeen Rashidi, Kami Vaniea
Updating software is one of the best ways to keep a computer safe, yet many people -- including system administrators -- choose not to install updates in a timely maner. This work explores the reasons behind avoiding updates for both end users and system administrators.
Sara S. Albakry, Kholoud Althobaiti, Kami Vaniea
Reading a URL is one of the key abilities necessary for identifying malicious communications, but many people cannot accurately read a URL and predict where it will go. This happens for several reasons, URLs are naturally complex to read, visually identical characters can easily confuse a person, and for some URLs, such as shortened ones, it is physically impossible to predict the destination from simply reading the text due to redirection.
Mohammad Tahaei, Kami Vaniea
Developer-focused interfaces need to be designed to be usable, minimize accidental error, and generally support the workflow of users. When these principles are not taken into account, it becomes easy for even highly skilled developers to make mistakes. In this project we explore different aspects of how developers interact with the security and privacy aspects of their work.
Kami Vaniea, Nicole Meng
Consumers are generally concerned about their privacy when using Internet of Things (IoT) devices. This project explores different ways to help people better understand the implications of their "things".
Topics in computer security, such as firewalls, can seem inaccessible or very difficult to beginners. That perceived inaccessibility is a serious problem at a time when we need to be attracting more people of all types into the area of computer security. In this project we explore the use of educational games as a way of both teaching about computer security concepts as well as creating controlled spaces were we can test new security technology approaches.