University of Illinois Urbana-Champaign

Trusted CI webinar: Investigating Secure Development In Practice: A Human-Centered Perspective

Mazurek, Michelle

Permalink

https://hdl.handle.net/2142/110089

Description

Title
Trusted CI webinar: Investigating Secure Development In Practice: A Human-Centered Perspective
Author(s)
Mazurek, Michelle
Issue Date
2021-06-28
Keyword(s)
  • Trusted CI
  • NSF
  • Webinar
  • Software Assurance
Abstract
Secure development is not just a technical problem: it’s a human and organizational problem as well. To understand the causes of insecurity, and find effective solutions, we must understand how and why security problems happen, and what barriers stand in the way of fixing them. How can we make it easier for developers to write secure code, even without special training? In this talk, I will report on findings from several recent studies addressing these questions. These include examining the effects of information resources and API design on developers' likelihood of writing secure code; using data from a secure programming contest to explore the kinds of security mistakes developers make; and exploring the benefits and barriers associated with adoption of a secure programming language. Speaker Bio: Michelle Mazurek is an Associate Professor in the Computer Science Department and the Institute for Advanced Computer Studies at the University of Maryland, College Park, where she also directs the Maryland Cybersecurity Center. Her research aims to understand and improve the human elements of security- and privacy-related decision making. Recent projects include examining how and why developers make security and privacy mistakes; investigating the vulnerability-discovery process; evaluating the use of threat-modeling in large-scale organizations; and analyzing how users learn about and decide whether to adopt security advice. Her work has been recognized with an NSA Best Scientific Cybersecurity Paper award and three USENIX Security Distinguished Paper awards. She was Program Chair for the Symposium on Usable Privacy and Security (SOUPS) for 2019 and 2020 and is Program Chair for the Privacy Enhancing Technologies Symposium (PETS) for 2022 and 2023.
Type of Resource
  • text
  • still image
Language
en
Permalink
http://hdl.handle.net/2142/110089
Sponsor(s)/Grant Number(s)
  • NSF Grant # 1920430
  • NSF Grant # 1943215
Copyright and License Information
Copyright © 2021 The Trustees of Indiana University. This work is licensed under a Creative Commons Attribution-­NonCommercial 3.0 Unported (CC BY­NC 3.0) license.

Owning Collections

Trusted CI Presentations and Reports PRIMARY