In honor of John Karat's contributions to the usable privacy and security community and his dedication to mentoring students, SOUPS has instituted the John Karat Usable Privacy and Security Student Research Award.
2020 | 2019 | 2018 | 2017 | 2016
2020: Daniel Votipka, University of Maryland
Daniel Votipka completed his PhD at the University of Maryland (UMD). Daniel’s most significant research contribution has been to the relatively understudied problem of human factors in security professional work (e.g., secure development, network security). His work in this area resulted in several top-tier papers and two USENIX Security distinguished paper awards. He has also played an important role in growing this field, organizing the Workshop on Security Information Workers—one of the few security-professional-focused venues—and participating in the first Dagstuhl workshop on empirical studies of secure development.
Daniel has been an outstanding mentor, both at UMD and in the broader SOUPS community. At UMD, he regularly mentored younger students in his lab, guiding their research, as well as helping them learn valuable life skills about communication, responsibility, and time management. He was also a co-chair of the first-ever SOUPS student mentorship program.
Daniel Votipka is currently an Assistant Professor at Tufts University.
2019: Tousif Ahmed, Indiana University
Tousif Ahmed completed his PhD from Indiana University in 2019 under the supervision of Dr. Apu Kapadia. In his thesis, he explored the unique privacy and security challenges of people with visual impairments as well as design, implement, and evaluate solutions to address the concerns. His work has inspired subsequent research in usable privacy and security, with some citing work as “foundational” in addressing the physical safety and security of people with visual impairments.
In addition to his research, Tousif mentored five undergraduate students and two PhD students to identify a research topic in usable security and privacy, who later published usable security and privacy papers in top-tier conferences. Tousif also contributed to the growth of the usable privacy and security community by reviewing papers, organizing workshops, and serving as a program committee member.
Tousif Ahmed is currently a research engineer at Samsung Research.
2018: Yasemin Acar, Leibniz University Hannover
2018: Elissa Redmiles, University of Maryland
Elissa’s research focuses on security advice and decision-making. While such work has been pursued before, it has often focused broadly on “home computer users” and methodological approaches used typically omit specialized sub-populations such as low socioeconomic status (low-SES) users. She published 13 top-tier conference papers, 4 workshop papers, one invited book chapter (forthcoming), and one journal article (conditional acceptance) in her three years as a Ph.D. student.
Her work has resulted in a few tangible research impacts: based on her digital divide-related work, the Committee on Information Technology for the City of San Francisco completed a study of digital security outcomes, advice sources, and knowledge among their low-income residents and took steps to improve access and security for their low-SES populations; on the basis of her work under the mentorship of her two co-authors, Facebook modified their spam classification algorithm to better account for the needs of a diverse population.
Her focus on equity went beyond research to student mentorship: Elissa independently mentored a team of five first-generation, under-represented undergraduate researchers with whom she was paired through the University of Pittsburgh Information Inclusion Institute. Together, she co-authored a paper – her first as the sole advisor of a research group – on Virtual Reality privacy, security, and ethics, that appeared at SOUPS 2018. She wrote and was awarded two small grants as PI to develop, run, and evaluate K-12 curriculum and outreach programs at local schools. She also mentored and co-authored with six undergraduates in her advisors’ research group and was co-chair of the UMD GradWomen in Computing group.
Elissa is currently a faculty member & research group leader at the Max Planck Institute for Software Systems
2017: Sascha Fahl, CISPA
2017: Scott Ruoti, Brigham Young University
Scott Ruoti earned his Ph.D. from Brigham Young University in 2016. His research is centered at the intersection of application security and human factors. Scott’s Ph.D. dissertation focused on identifying the design principles necessary to create usable secure email, with his work producing the first secure email system empirically demonstrated to be usable by novices. Additionally, Scott also conducted research on authentication and TLS proxies. His work has been published in numerous top venues, with the Karat Award recognizing his work at CHI (“We’re on the Same Page”: A Usability Study of Secure Email Using Pairs of Novice Users), UIST (Private Webmail 2.0: Simple and Easy-to-Use Secure Email), and SOUPS (User Attitudes Toward the Inspection of Encrypted Traffic).
While earning his Ph.D., Scott mentored many students (7 undergraduate, 7 Master’s, and 3 Ph.D.), helping guide them through their first experiences with usable privacy and security research. He also served on the program committee for EuroUSEC and the SOUPS poster jury, along with providing individual reviews for CHI, CCS, and MOST.
Scott Ruoti is currently an Assistant Professor at The University of Tennessee, Knoxville.
2016: Blase Ur, Carnegie Mellon University
Blase Ur received his PhD in 2016 from the interdisciplinary Societal Computing program at Carnegie Mellon University's School of Computer Science. He interned at Microsoft Research Redmond in 2013 with Jaeyeon Jung and Stuart Schechter. He holds an MS from Carnegie Mellon University and an AB from Harvard University.
His research centers on computer security, privacy, and human-computer interaction (HCI). Blase particularly enjoys building and testing data-driven systems that support users' security and privacy decisions. His dissertation focused on supporting password-security decisions with data. He has also worked extensively on improving users' online privacy, as well as making Internet-of-Things (IoT) devices more secure, privacy-protective, and usable.
Blase has published at top security and privacy conferences, top HCI conferences, and many interdisciplinary venues. He has received two best paper awards (USENIX Security 2016, UbiComp 2014), as well as two honorable mentions for best paper (CHI 2016, CHI 2012) during his PhD journey. He has been awarded an NDSEG fellowship, a Fulbright scholarship, and a Yahoo Key Scientific Challenges Award. He also served on a number of program committees in the area of usable security and privacy.
Blase Ur is currently a Neubauer Family Assistant Professor of Computer Science at the University of Chicago, where he researches security, privacy, human-computer interaction, and ethical AI.