Improving Developers’ Privacy and Security Decisionmaking
Well-intentioned software developers can put user data at risk when they make errors with complicated encryption protocols, abuse device identifiers and location data, or make other mistakes. In this work, we examine why these errors occur and how they can be prevented.
Currently, we are investigating the effect of web resources (for example Stack Overflow) and of cryptography APIs on developers’ decisionmaking.
This research is a cooperative effort between the University of Maryland and Saarland University in Saarbrucken, Germany.
- Doowon Kim, PhD Student, Computer Science
- Michelle Mazurek, Assistant Professor, Computer Science
- Sascha Fahl, Postdoctoral Scholar
- Yasemin Acar, PhD Student
- Christian Stransky, PhD Student
- Michael Backes, Professor
Y. Acar, M. Backes, S. Fahl, D. Kim, M.L. Mazurek, and C. Stransky. You Get Where You’re Looking For: The Impact of Information Sources on Code Security. In submission.
This research is sponsored in part by the National Institute for Standards and Technology. We thank our NIST collaborators, Simson Garfinkel and Mary Theofanos.