User-friendly configuration of access control mechanisms for Learning Analytics
Learning Analytics data collected in classroom contexts may contain sensitive information about students. A major challenge in dealing with and storing this data is the need for secure yet easy-to-use access control mechanisms. Access should be configurable by teaching staff on the one hand and by students themselves on the other. Previous research in the area of usable access control for data in social networks has shown that the used mechanisms must be designed and implemented according to the target group and follow a usability-by-design approach (Mazurek et. al., 2014). Preliminary work of the involved PIs has shown that target group-specific security mechanisms can be used very effectively (Nguyen et. al., 2017).
This PhD project researches access control mechanisms for students and teaching staff that can effectively protect Learning Analytics data. First of all, the mental models of students and teachers with regard to personal data will be investigated. In a second step, existing access control mechanisms will be examined for their applicability in the context of Learning Analytics data. Furthermore, user experience concepts as well as concrete demonstrators will be developed and studied. These follow a usability-by-design approach and will be continuously evaluated in user studies. Finally, field studies with students and teachers will provide information about the security and usability of the developed access control mechanisms.
 Michelle L. Mazurek and Yuan Liang and William Melicher and Manya Sleeper and Lujo Bauer and Gregory R. Ganger and Nitin Gupta and Michael K. Reiter; Toward Strong, Usable Access Control for Shared Distributed Data; 12th USENIX Conference on File and Storage Technologies
 Duc-Cuong Nguyen and Dominik Wermke and Yasemin Acar and Michael Backes and Charles Weir and Sascha Fahl; A Stitch in Time: Supporting Android Developers in Writing Secure Code; Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, CCS’17