Abstract. Since the publication of “Why Johnny Can’t Encrypt,” there has been significant interest in creating secure e-mail systems that are usable. In this talk, Scott Ruoti will describe the state of research into usable, secure e-mail. In particular, he will highlight his work on MessageGuard, the first secure e-mail system that was empirically demonstrated to be correctly used by novice users. He will then describe what remaining impediments continue to prevent the widespread adoption of usable, secure e-mail and how those impediments might impact efforts to deploy other security technologies. He will conclude with a discussion of the need for usable key management, which is a grand challenge that needs to be addressed by the community.
Biography. Scott Ruoti is an Assistant Professor at the University of Tennessee’s Department of Electrical Engineering and Computer Science. His research spans the areas of computer security and human factors, focusing on the design of systems that achieve their security goals theoretically and under real-world usage. Ruoti is currently researching usable, secure e-mail, password managers, two-factor authentication, and IoT security. Previously, Ruoti worked at MIT Lincoln Laboratory, where he was the chief architect for the US Department of Homeland Security’s Cyber.gov program tasked with creating a next-generation cybersecurity architecture for all non-DoD federal departments and agencies. He has also worked at Microsoft, Google, Symantec, and Sandia National Laboratories. Ruoti received his Ph.D. in Computer Science from Brigham Young University in 2016.
Zum YouTube-Video