The interaction between technical security and the human factor is increasingly becoming a critical factor in cyber security. For this reason the 2nd SecHuman Summer School took place on the subject „Usability, Cybercrime and Ethics of Cybersecurity” from 3rd to 6th of September 2018 at the Ruhr-University Bochum, Germany. 45 international participants from UK, Ireland Czech Republic, Belgium, Luxemburg, Austria, USA and Germany together with seven international speakers were exchanging for four days on cyber security from different subject areas.
Day 1: Theoretical security vs. acutal privacy and secure passwords
Prof. Dr. Nikol Rummel (Institute for Educational Science, Ruhr-University Bochum, DE) opened the Summer School and welcomed the participants with a keynote. Following started four very informative days with top-level scientists. The first session by Prof. Sascha Fahl (Ruhr-University Bochum, DE) showed how the consideration of human factors in IT security enables to close the gap between theoretical security and actual privacy.
Blase Ur (University of Chicago, USA) presented methods for generating preferable passwords and he sensitized the participants to how the online performance of a user is used by tracking for personalized advertisement.
Day 2: Psychological aspects and methods of usable security
The second day of the Summer School focused on psychological aspects and methods of usable security. Lydia Kraus (Masaryk University, CZ) and Elissa Redmiles (University of Maryland, USA) investigated the role of in- and extrinsic factors in security mechanisms of smart phones and how usable these mechanisms are. Following raised the question if usability can be measured and which (economical) methods can be used.
Day 3: Cybercrime and black market
Daniel Thomas (University of Cambridge, UK) and Alice Hutchings (University of Cambridge, UK) dedicated one day to the subject of cybercrime and the question how much damage cybercrime does. Participants investigated security gaps in group work and discussed when these should be disclosed. Participants could gain an insight in activities with flight tickets of the black market.
Day 4: Research ethics
The Summer School ended with two very informative sessions on research ethics. Just because something is legal, it may still not be ethically alright. Participants broadened their own view and fundamental questions regarding IT security and cybercrime raised.
Closing and Feedback
The program was complemented by an extensive social program with a conference dinner, a guided tour through the Fiege Brewery and a visit of the Planetarium Bochum.
Participants were very pleased with the interdisciplinary exchange:
“The SecHuman Summer School was a brilliant networking and learning experience for me. I met researchers interested in my specific area and those from other disciplines that someday I hope to collaborate with. The summer school offered a very friendly and vibrant environment for meeting new people and enthusiastically discussing all things from IT security. I would absolutely recommend this to all early career usable security and privacy researchers. Thank you again for a brilliant week.“ Hazel M., Maynooth University, Ireland
"The summer school approached the human aspects in security from multiple directions, creating a diverse program broadening our view of the subject." Martin U., Masaryk University, Czech Republic
"The summer school approached the human aspects in security from multiple directions, creating a diverse program broadening our view of the subject." Martin U., Masaryk University, Czech Republic
“I found the SecHuman Summer School to be a fantastic opportunity to meet other PhD students, talk about ideas, share practice and hear from experienced researchers who have already been where we want to go. I would highly recommend applying.” Arianna S.
SecHuman – Security for humans in cyberspace is one of 12 PhD schools (Forschungskolleg) of the state NRW which deals with socially relevant questions regarding cyber security. The PhD school is special, innovative and unique because the different questions in IT security the program deals with are regarded from an inter- and transdisciplinary perspective. Each research topic is investigated by a PhD student from a technical background as well as a PhD student with a background in social science. A partner from industry secures that their science has relevance for practice.
The Summer School is organised by the PhD school and participates in connecting and expanding the RUB and Bochum as a location of experts in IT security in regards to inter- and transdisciplinary science.
General note: In case of using gender-assigning attributes we include all those who consider themselves in this gender regardless of their own biological sex.