Carnegie Mellon University Usable Privacy and Security Laboratory
The Carnegie Mellon University Usable Privacy and Security Laboratory (CUPS) was established in the Spring of 2004 to bring together Carnegie Mellon University researchers working on a diverse set of projects related to understanding and improving the usability of privacy and security software and systems. The privacy and security research community has become increasingly aware that usability problems severely impact the effectiveness of mechanisms designed to provide security and privacy in software systems. Indeed, one of the four grand research challenges in information security and assurance identified by the Computing Research Association in 2003 is: "Give end-users security controls they can understand and privacy they can control for the dynamic, pervasive computing environments of the future." This is the challenge that CUPS strives to address. CUPS is affiliated with Carnegie Mellon CyLab and has members from the Engineering and Public Policy Department, the School of Computer Science, the Electrical and Computer Engineering Department, the Heinz College, and the Department of Social and Decision Sciences. It is directed by Lorrie Cranor.
Projects
- P3P and computer-readable privacy policies
- Two members of the CUPS Lab are members of the W3C P3P Working Group, working on developing the P3P 1.1 specification.
- In the fall of 2005, AT&T gave the rights to the source code and trademarks surrounding Privacy Bird, their P3P user-agent. Privacy Bird is currently maintained and distributed by the lab.
- In the summer of 2005, the lab made available to the public a "P3P-enabled search engine", known as Privacy Finder. It allowed a user to reorder search results based on whether each site complied with his or her privacy preferences. This information was gleaned from P3P policies found on the web sites. Since 2012, Privacy Finder has been "temporarily out of service", with no indication of when service would be restored.
- Additionally, the lab archives web sites privacy policies and has been creating a toolkit to aid in the automated analysis of both P3P policies as well as natural language privacy policies.
- Supporting trust decisions
- More recently[when?], the lab is examining trends in phishing attacks as well as users' perceptions of these attacks to develop better methods of detecting and reporting phishing messages.
External links
- The official CUPS Lab web site
- Privacy Bird
- Privacy Finder
40°26′40″N 79°56′35″W / 40.444423°N 79.942984°W / 40.444423; -79.942984
- v
- t
- e
Carnegie Mellon University
- College of Engineering
- Information Networking Institute
- College of Fine Arts
- Dietrich College of Humanities and Social Sciences
- Social and Decision Sciences
- H. John Heinz III College of Information Systems and Public Policy
- Mellon College of Science
- School of Computer Science
- Tepper School of Business
- Margaret Morrison Carnegie College (defunct)
- Traditions
- Greek Life
- Scotch'n'Soda Theatre
- Miller ICA
- The Tartan
- WRCT
- Pittsburgh Supercomputing Center
- Software Engineering Institute
- Carnegie Mellon CyLab
- Robotics Institute
- Human Computer Interaction Institute
- Hunt Institute for Botanical Documentation
- Carnegie Mellon University Computational Biology Department
- Language Technologies Institute
- Pittsburgh Life Sciences Greenhouse
- Carnegie School
- Ames Research Center
- Carnegie Mellon University Usable Privacy and Security Laboratory
- Pittsburgh Science of Learning Center
- Integrated Innovation Institute
- Carnegie Mellon University Press
and Structures
- Alice
- Andrew Project
- BLISS
- CMMI
- Mach
- 3M computer
- Center for PostNatural History
- Conflict Kitchen
- Robot Hall of Fame
- Swartz Center for Entrepreneurship
- Waffle Shop: A Reality Show
- YinzCam
