VVZ API is not affiliated with ETH Zurich. Data might be outdated or incorrect. Please view the official ETHZ Vorlesungsverzeichnis for binding information.

851-0390-00L 3 Credits DS , MSC , WBZ D-GESS , D-INFK

You're viewing possible stale or outdated data. Please check the latest semester for more up-to-date information.

Human-Centered IT Security and Privacy

Lecturers & Examiners: Prof. Dr. Verena Zimmermann, Neele Roch

VVZ CR n/a

Last Updated: 2026-02-05 16:38:19

Abstract

Students will gain an overview of the role of the human in security and privacy, learn about the relevance of human-centered design and important psychological aspects. Selected security- and privacy-related application scenarios will be presented and discussed. Furthermore, practical exercises and group work activities are used to showcase human-related aspects and foster reflection.

Objective

Students will learn about the historical development of human-centered security, relevant psychological aspects and selected practical applications. The course will enable students to critically reflect on human aspects of existing security and privacy technologies and to include a human-centered perspective in the design of new solutions, e.g. by using suitable design and evaluation tools.

Content

First, the course will describe the historical development of usable and human-centered security and privacy, respectively. Using exemplary application scenarios, the relevance of the human in security and privacy will be highlighted and the current role of the human will be reflected on. Second, the human factor will be focused on. The course will address the basic psychological aspects that are relevant for human-centered design including insights from human perceptions, cognition, and behavior. Afterwards, the human-centered design process and relevant concepts such as usability and user experience will be introduced. Finally, exemplary methods for the human-centered design and evaluation of will be presented and discussed. Third, practical scenarios across the range of security- and privacy-related topics will be used to illustrate human-centered design processes, evaluation tools and outcomes, e.g., human-centered security technologies or interfaces. Furthermore, these solutions will be discussed within a larger societal context, e.g., with regards to accessibility, ethical considerations, or legal aspects. An external guest lecture will complement the lecture by providing insights from ongoing research in the area of human-centered IT security and privacy. Across all three parts of the course, practical exercises, the exemplary application of methods or tools, and structured discussions involving different perspectives will be used to make the human factor graspable, to enable a change in perspective, and to foster reflection.

Resources

Literature

Adams, A., & Sasse, M. A. (1999). Users are not the enemy. Communications of the ACM, 42(12), 40-46. Cranor, L. F., & Garfinkel, S. (2005). Security and usability: designing secure systems that people can use. " O'Reilly Media, Inc.". Reuter, C. (2018). Sicherheitskritische Mensch-Computer-Interaktion. Wiesbaden: Springer Fachmedien Wiesbaden.

General Information

Language: English
Levels: DS , MSC , WBZ
Frequency: Yearly recurring

Examination

Type: graded semester performance

The examination will consist of two parts:1) The students need to provide a documentation of the results of the exercises conducted in the course. This is the requirement for taking part in part 2.2) The students will prepare a poster and short report for an interactive poster session in which they present a current article from the area of human-centered IT security and privacy. The grade for the course will be formed based on the poster presentation and the accompanying report.

Registration & Places

Max Places: 50

Course Components

Type	Title	Time & Place	Hours
lecture with exercise	Human-Centered IT Security and Privacy	Thu 10:15-12:00 (HG G 26.5)	2 h weekly

Offered In

Science in Perspective (In “Science in Perspective”-courses students learn to reflect on ETH’s STEM subjects from the perspective of humanities, political and social sciences. Only the courses listed below will be recognized as "Science in Perspective" courses.)
- Type A: Enhancement of Reflection Competence (SiP courses are recommended for bachelor students after their first-year examination and for all master- or doctoral students. All SiP courses are listed in Type A. Courses listed under Type B are only recommendations for enrollment for specific departments.)
  - Political Science
- Type B: Reflection About Subject-Specific Methods and Contents (Subject-specific courses. Particularly relevant for students interested in those subjects. All these courses are also listed under the category “Typ A”, and every student can enroll in these courses.)
  - D-HEST
  - D-INFK
  - D-ITET
  - D-MTEC
  - D-MAVT
Science, Technology, and Policy Master
- Electives
DAS in Cyber Security
- Elective Courses