Skip to main content
Unit outline_

INFO2222: Computing 2 Usability and Security

Semester 1, 2024 [Normal day] - Camperdown/Darlington, Sydney

This unit provides an integrated treatment of two critical topics for a computing professional: human computer interaction (HCI) and security. The techniques and core ideas of HCI will be studied with a particular focus on examples and case studies related to security. This unit builds the students' awareness of the deep challenges in creating computing systems that can meet people's needs for both HCI and security. It will develop basic skills to evaluate systems for their effectiveness in meeting people's needs within the contexts of their use, building knowledge of common mistakes in systems, and approaches to avoid those mistakes.

Unit details and rules

Academic unit Computer Science
Credit points 6
Prerequisites
? 
(INFO1103 OR INFO1105 OR INFO1905 OR INFO1113) AND (INFO1111 OR INFO1711 OR ENGG1111 OR ENGD1000 OF ENGG1805)
Corequisites
? 
None
Prohibitions
? 
None
Assumed knowledge
? 

None

Available to study abroad and exchange students

Yes

Teaching staff

Coordinator Muhammad Sajjad Akbar, muhammad.akbar@sydney.edu.au
Lecturer(s) Muhammad Sajjad Akbar, muhammad.akbar@sydney.edu.au
The census date for this unit availability is 2 April 2024
Type Description Weight Due Length
Supervised exam
? 
hurdle task
Final Exam
Supervised paper based exam
50% Formal exam period 2 hours
Outcomes assessed: LO2 LO5 LO6 LO7 LO8 LO9 LO10 LO11 LO12 LO13
Assignment Assignment on Security Concepts (Individual)
Outputs created from independent study.
20% Week 06
Due date: 31 Mar 2024 at 23:59
Single submission
Outcomes assessed: LO2 LO4 LO5 LO6 LO7 LO8 LO9 LO10 LO11 LO12 LO13
Assignment group assignment Project - Security
Design report, code and system demonstration.
15% Week 08
Due date: 21 Apr 2024 at 23:59
no restriction
Outcomes assessed: LO1 LO3 LO10 LO11 LO12 LO13
Assignment group assignment Project - Usability
Design report and system demonstration.
15% Week 12
Due date: 19 May 2024 at 23:59
no restriction
Outcomes assessed: LO1 LO3 LO4 LO5 LO6 LO7 LO8 LO9
hurdle task = hurdle task ?
group assignment = group assignment ?

Assessment summary

Project – Students work in a team to design and develop a ‘usable and secure’ website, with an End-to-End encrypted secure messaging function. Each student will be required to review their own performance and that of each team members and explain them (e.g., contribution portion, or which specific checking points) in the project reports. Individual marks for group assessments will be determined by the overall group product as well as the individual contributions.

Assignment -- Students work individually, the assignment contains several questions to be answered, those questions may contain the real world scenarios and problems and it is expected that students will answer/propose accrding to security fundamentals.

Final Exam – Supervised paper based exam will be conducted. Students must score at least 40% in the final exam to pass the unit (see Pass requirements).

Detailed information for each assessment can be found on Canvas.

Conditions for pass in this unit:

  • At least 40% in the progressive marks
  • At least 40% in the final exam
  • At least 50% total

Assessment criteria

The University awards common result grades, set out in the Coursework Policy 2014 (Schedule 1).

As a general guide, a high distinction indicates work of an exceptional standard, a distinction a very high standard, a credit a good standard, and a pass an acceptable standard.

Result name

Mark range

Description

High distinction

85 - 100

Awarded when you demonstrate the learning outcomes for the unit at an exceptional standard, as defined by grade descriptors or exemplars outlined by your faculty or school. 

Distinction

75 - 84

Awarded when you demonstrate the learning outcomes for the unit at a very high standard, as defined by grade descriptors or exemplars outlined by your faculty or school.

Credit

65 - 74

Awarded when you demonstrate the learning outcomes for the unit at a good standard, as defined by grade descriptors or exemplars outlined by your faculty or school.

Pass

50 - 64

Awarded when you demonstrate the learning outcomes for the unit at an acceptable standard, as defined by grade descriptors or exemplars outlined by your faculty or school.
Fail 0 - 49 When you don’t meet the learning outcomes of the unit to a satisfactory standard.

Minimum Pass Requirement:

It is a policy of the School of Computer Science that in order to pass this unit, a student must achieve at least 40% in the written examination. For subjects without a final exam, the 40% minimum requirement applies to the corresponding major assessment component specified by the lecturer. A student must also achieve an overall final mark of 50 or more. Any student not meeting these requirements may be given a maximum final mark of no more than 45 regardless of their average.

For more information see guide to grades.

Late submission

In accordance with University policy, these penalties apply when written work is submitted after 11:59pm on the due date:

  • Deduction of 5% of the maximum mark for each calendar day after the due date.
  • After ten calendar days late, a mark of zero will be awarded.

This unit has an exception to the standard University policy or supplementary information has been provided by the unit coordinator. This information is displayed below:

In accordance with University policy, these penalties apply when written work is submitted after 11:59pm on the due date: Deduction of 5% of the marks for each calendar day after the due date. After answers explained in the lab, a mark of zero will be awarded.

Academic integrity

The Current Student website provides information on academic integrity and the resources available to all students. The University expects students and staff to act ethically and honestly and will treat all allegations of academic integrity breaches seriously.

We use similarity detection software to detect potential instances of plagiarism or other forms of academic integrity breach. If such matches indicate evidence of plagiarism or other forms of academic integrity breaches, your teacher is required to report your work for further investigation.

Use of generative artificial intelligence (AI) and automated writing tools

You may only use generative AI and automated writing tools in assessment tasks if you are permitted to by your unit coordinator. If you do use these tools, you must acknowledge this in your work, either in a footnote or an acknowledgement section. The assessment instructions or unit outline will give guidance of the types of tools that are permitted and how the tools should be used.

Your final submitted work must be your own, original work. You must acknowledge any use of generative AI tools that have been used in the assessment, and any material that forms part of your submission must be appropriately referenced. For guidance on how to acknowledge the use of AI, please refer to the AI in Education Canvas site.

The unapproved use of these tools or unacknowledged use will be considered a breach of the Academic Integrity Policy and penalties may apply.

Studiosity is permitted unless otherwise indicated by the unit coordinator. The use of this service must be acknowledged in your submission as detailed on the Learning Hub’s Canvas page.

Outside assessment tasks, generative AI tools may be used to support your learning. The AI in Education Canvas site contains a number of productive ways that students are using AI to improve their learning.

Simple extensions

If you encounter a problem submitting your work on time, you may be able to apply for an extension of five calendar days through a simple extension.  The application process will be different depending on the type of assessment and extensions cannot be granted for some assessment types like exams.

Special consideration

If exceptional circumstances mean you can’t complete an assessment, you need consideration for a longer period of time, or if you have essential commitments which impact your performance in an assessment, you may be eligible for special consideration or special arrangements.

Special consideration applications will not be affected by a simple extension application.

Using AI responsibly

Co-created with students, AI in Education includes lots of helpful examples of how students use generative AI tools to support their learning. It explains how generative AI works, the different tools available and how to use them responsibly and productively.

Support for students

The Support for Students Policy 2023 reflects the University’s commitment to supporting students in their academic journey and making the University safe for students. It is important that you read and understand this policy so that you are familiar with the range of support services available to you and understand how to engage with them.

The University uses email as its primary source of communication with students who need support under the Support for Students Policy 2023. Make sure you check your University email regularly and respond to any communications received from the University.

Learning resources and detailed information about weekly assessment and learning activities can be accessed via Canvas. It is essential that you visit your unit of study Canvas site to ensure you are up to date with all of your tasks.

If you are having difficulties completing your studies, or are feeling unsure about your progress, we are here to help. You can access the support services offered by the University at any time:

Support and Services (including health and wellbeing services, financial support and learning support)
Course planning and administration
Meet with an Academic Adviser

WK Topic Learning activity Learning outcomes
Week 01 Introduction and overview Lecture (2 hr) LO1 LO2 LO10 LO13
Introduction and overview Computer laboratory (2 hr) LO1 LO2 LO10 LO13
Week 02 Cryptography basics I Lecture (2 hr) LO1 LO2 LO3 LO10 LO13
Cryptography basics I Computer laboratory (2 hr) LO1 LO2 LO3 LO10 LO13
Week 03 Cryptography basics, II Lecture (2 hr) LO1 LO2 LO3 LO10 LO13
Cryptography basics, II Computer laboratory (2 hr) LO1 LO2 LO3 LO10 LO13
Week 04 Identification and authentication Lecture (2 hr) LO1 LO2 LO3 LO4 LO10 LO11
Identification and authentication Computer laboratory (2 hr) LO1 LO2 LO3 LO4 LO10 LO11
Week 05 Network security Lecture (2 hr) LO1 LO2 LO3 LO13
Network security Computer laboratory (2 hr) LO1 LO2 LO3 LO13
Week 06 Usability and Security, a Compromise? Lecture (2 hr) LO1 LO2 LO3 LO4
Usability and Security, a Compromise? Computer laboratory (2 hr) LO1 LO2 LO3 LO4
Week 07 Investigating users and their importance in understanding usability Lecture (2 hr) LO1 LO4 LO8
Investigating users and their importance in understanding usability Computer laboratory (2 hr) LO1 LO4 LO8
Week 08 Usability in Design and Implementation: How to perform the processes of usability engineering in the context of software and system engineering Lecture (2 hr) LO1 LO4 LO5 LO6
Usability in Design and Implementation: How to perform the processes of usability engineering in the context of software and system engineering Computer laboratory (2 hr) LO1 LO4 LO5 LO6
Week 09 1. Human factors - individual physiology, cognition and broader psychology. 2. Accessibility - legal and ethical requirement Lecture (2 hr) LO1 LO3 LO4 LO5 LO7 LO9
1. Human factors - individual physiology, cognition and broader psychology. 2. Accessibility - legal and ethical requirement Computer laboratory (2 hr) LO1 LO3 LO4 LO5 LO7 LO9
Week 10 1. Handling human errors 2. Social and organization context Lecture (2 hr) LO3 LO5 LO7 LO8
1. Handling human errors 2. Social and organization context Computer laboratory (2 hr) LO3 LO5 LO7 LO8
Week 11 Web and database security Lecture (2 hr) LO1 LO2 LO3 LO13
Web and database security Computer laboratory (2 hr) LO1 LO2 LO3 LO13
Week 12 Software and system security Lecture (2 hr) LO1 LO2 LO3 LO12
Software and system security Computer laboratory (2 hr) LO1 LO2 LO3 LO12
Week 13 Privacy, Legal and Ethics, and Review and revision Lecture (2 hr) LO2 LO3 LO5 LO6 LO7 LO8 LO9 LO10 LO11 LO12 LO13
Privacy, Legal and Ethics, and Review and revision Computer laboratory (2 hr) LO2 LO3 LO5 LO6 LO7 LO8 LO9 LO10 LO11 LO12 LO13

Attendance and class requirements

Each week, students must:

  • Perform own independent study by reviewing provided materials, reading the required sections of literature and completing weekly exercises in the tutorial sheet.
  • Be prepared (completed task/research/background reading) for all face-to-face sessions (online/physical) with teaching staff and group project members.
  • Attend and participate in all classes scheduled.

Tutorials will NOT be recorded. 

 

Study commitment

Typically, there is a minimum expectation of 1.5-2 hours of student effort per week per credit point for units of study offered over a full semester. For a 6 credit point unit, this equates to roughly 120-150 hours of student effort in total.

Learning outcomes are what students know, understand and are able to do on completion of a unit of study. They are aligned with the University's graduate qualities and are assessed as part of the curriculum.

At the completion of this unit, you should be able to:

  • LO1. work effectively in a team
  • LO2. understand the balance between risk, achieved security, and cost; experience with threat modelling and risk analysis as tools to choose this balance for a given system
  • LO3. produce written reports that evaluate a web site for usability and security
  • LO4. experience building a prototype interface, and learning aspects of it independently from provided resources
  • LO5. knowledge of design guidelines and how to apply them to design user interfaces
  • LO6. use iterative prototyping, with design and evaluation cycles, to explore a design space
  • LO7. demonstrate knowledge of a core set of cognitive, physiological, organisational, and other key human factors and their implications for interface design
  • LO8. demonstrate awareness of the major challenges for designing effective user interfaces, including factors associated with individual users, cultural and organisational contexts
  • LO9. evaluate interfaces, following a user-based technique
  • LO10. understand common security terminology in security literature
  • LO11. understand different ways in which security of computer systems can be compromised, e.g. physically, remotely, operationally (esp. social engineering); and relate specific attack scenarios to the major security goals such as authentication, integrity, secrecy, non-repudiation
  • LO12. understand the major challenges for security of programs, information, computers and networks, and ability to avoid most egregious (typical) flaws in designing and operating IT systems
  • LO13. demonstrate a high-level knowledge of common approaches to achieve security goals in computer systems (environment control, communications security and OS security, secure operational practices).

Graduate qualities

The graduate qualities are the qualities and skills that all University of Sydney graduates must demonstrate on successful completion of an award course. As a future Sydney graduate, the set of qualities have been designed to equip you for the contemporary world.

GQ1 Depth of disciplinary expertise

Deep disciplinary expertise is the ability to integrate and rigorously apply knowledge, understanding and skills of a recognised discipline defined by scholarly activity, as well as familiarity with evolving practice of the discipline.

GQ2 Critical thinking and problem solving

Critical thinking and problem solving are the questioning of ideas, evidence and assumptions in order to propose and evaluate hypotheses or alternative arguments before formulating a conclusion or a solution to an identified problem.

GQ3 Oral and written communication

Effective communication, in both oral and written form, is the clear exchange of meaning in a manner that is appropriate to audience and context.

GQ4 Information and digital literacy

Information and digital literacy is the ability to locate, interpret, evaluate, manage, adapt, integrate, create and convey information using appropriate resources, tools and strategies.

GQ5 Inventiveness

Generating novel ideas and solutions.

GQ6 Cultural competence

Cultural Competence is the ability to actively, ethically, respectfully, and successfully engage across and between cultures. In the Australian context, this includes and celebrates Aboriginal and Torres Strait Islander cultures, knowledge systems, and a mature understanding of contemporary issues.

GQ7 Interdisciplinary effectiveness

Interdisciplinary effectiveness is the integration and synthesis of multiple viewpoints and practices, working effectively across disciplinary boundaries.

GQ8 Integrated professional, ethical, and personal identity

An integrated professional, ethical and personal identity is understanding the interaction between one’s personal and professional selves in an ethical context.

GQ9 Influence

Engaging others in a process, idea or vision.

Outcome map

Learning outcomes Graduate qualities
GQ1 GQ2 GQ3 GQ4 GQ5 GQ6 GQ7 GQ8 GQ9

This section outlines changes made to this unit following staff and student reviews.

Changes were made to one of the assignments..

 

IMPORTANT: School policy relating to Academic Dishonesty and Plagiarism.

In assessing a piece of submitted work, the School of Computer Science may reproduce it entirely, may provide a copy to another member of faculty, and/or to an external plagiarism checking service or in-house computer program and may also maintain a copy of the assignment for future checking purposes and/or allow an external service to do so.


Computer programming assignments may be checked by specialist code similarity detection software. The Faculty of Engineering currently uses the MOSS similarity detection engine (see http://theory.stanford.edu/~aiken/moss/), or the similarity report available in ED (edstem.org). These programs work in a similar way to Turnitin in that they check for similarity against a database of previously submitted assignments and code available on the internet, but they have added functionality to detect cases of similarity of holistic code structure in cases such as global search and replace of variable names, reordering of lines, changing of comment lines, and the use of white space.

All written assignments submitted in this unit of study will be submitted to the similarity detecting software program known as Turnitin. Turnitin searches for matches between text in your written assessment task and text sourced from the Internet, published works and assignments that have previously been submitted to Turnitin for analysis.

There will always be some degree of text-matching when using Turnitin. Text-matching may occur in use of direct quotations, technical terms and phrases, or the listing of bibliographic material. This does not mean you will automatically be accused of academic dishonesty or plagiarism, although Turnitin reports may be used as evidence in academic dishonesty and plagiarism decision-making processes.

Disclaimer

The University reserves the right to amend units of study or no longer offer certain units, including where there are low enrolment numbers.

To help you understand common terms that we use at the University, we offer an online glossary.