Software developers and administrators are often not security experts. As a result, the systems they build frequently have security gaps that put millions of users and confidential data at risk. This raises the question of how exactly software developers and administrators come to make such serious security mistakes, even though there are application programming interfaces (APIs), program libraries, and tools that are intended to make developers' work and the use of security concepts easier. An insight into the basics of usable security and privacy is given, along with current security-related studies with software developers and administrators. The knowledge gained from these is systematically organized and presented. It will also be discussed what security system designers, tool developers, and cryptographers should consider when designing their systems in order to support software developers and administrators in avoiding security-critical errors. In addition, guidelines for conducting studies with software developers and administrators are presented. A distinction is drawn between studies with end users and studies with software developers.
Semester: ST 2024