From usability to secure computing and back again

Secure multi-party computation (MPC) allows multiple parties to jointly compute the output of a function while preserving the privacy of any individual party’s inputs to that function. As MPC protocols transition from research prototypes to realworld applications, the usability of MPC-enabled applications is increasingly critical to their successful deployment and widespread adoption. Our Web-MPC platform, designed with a focus on usability, has been deployed for privacy-preserving data aggregation initiatives with the City of Boston and the Greater Boston Chamber of Commerce. After building and deploying an initial version of the platform, we conducted a heuristic evaluation to identify usability improvements and implemented corresponding application enhancements. However, it is difficult to gauge the effectiveness of these changes within the context of real-world deployments using traditional web analytics tools without compromising the security guarantees of the platform. This work consists of two contributions that address this challenge: (1) the Web-MPC platform has been extended with the capability to collect web analytics using existing MPC protocols, and (2) as a test of this feature and a way to inform future work, this capability has been leveraged to conduct a usability study comparing the two versions ofWeb-MPC. While many efforts have focused on ways to enhance the usability of privacy-preserving technologies, this study serves as a model for using a privacy-preserving data-driven approach to evaluate and enhance the usability of privacy-preserving websites and applications deployed in realworld scenarios. Data collected in this study yields insights into the relationship between usability and security; these can help inform future implementations of MPC solutions.Published versio

Secure multi-party computation for analytics deployed as a lightweight web application

We describe the definition, design, implementation, and deployment of a secure multi-party computation protocol and web application. The protocol and application allow groups of cooperating parties with minimal expertise and no specialized resources to compute basic statistical analytics on their collective data sets without revealing the contributions of individual participants. The application was developed specifically to support a Boston Women’s Workforce Council (BWWC) study of wage disparities within employer organizations in the Greater Boston Area. The application has been deployed successfully to support two data collection sessions (in 2015 and in 2016) to obtain data pertaining to compensation levels across genders and demographics. Our experience provides insights into the particular security and usability requirements (and tradeoffs) a successful “MPC-as-a-service” platform design and implementation must negotiate.We would like to acknowledge all the members of the Boston Women’s Workforce Council, and to thank in particular MaryRose Mazzola, Christina M. Knowles, and Katie A. Johnston, who led the efforts to organize participants and deploy the protocol as part of the 100% Talent: The Boston Women’s Compact [31], [32] data collections. We also thank the Boston University Initiative on Cities (IOC), and in particular Executive Director Katherine Lusk, who brought this potential application of secure multi-party computation to our attention. The BWWC, the IOC, and several sponsors contributed funding to complete this work. Support was also provided in part by Smart-city Cloud-based Open Platform and Ecosystem (SCOPE), an NSF Division of Industrial Innovation and Partnerships PFI:BIC project under award #1430145, and by Modular Approach to Cloud Security (MACS), an NSF CISE CNS SaTC Frontier project under award #1414119

Demarcating mobile phone interface design guidelines to expedite selection

Guidelines are recommended as a tool for informing user interface design. Despite a proliferation of guidelines in the research literature, there is little evidence of their use in industry, nor their influence in academic literature. In this paper, we explore the research literature related to mobile phone design guidelines to find out why this should be so. We commenced by carrying out a scoping literature review of the mobile phone design guideline literature to gain insight into the maturity of the field. The question we wanted to explore was: “Are researchers building on each others’ guidelines, or is the research field still in the foundational stage?” We discovered a poorly structured field, with many researchers proposing new guidelines, but little incremental refinement of extant guidelines. It also became clear that the current reporting of guidelines did not explicitly communicate their multi-dimensionality or deployment context. This leaves designers without a clear way of discriminating between guidelines, and could contribute to the lack of deployment we observed. We conducted a thematic analysis of papers identified by means of a systematic literature review to identify a set of dimensions of mobile phone interface design guidelines. The final dimensions provide a mechanism for differentiating guidelines and expediting choice

Evaluating usability of cross-platform smartphone applications

The computing power of smartphones is increasing as time goes. However, the proliferation of multiple different types of operating platforms affected interoperable smartphone applications development. Thus, the cross-platform development tools are coined. Literature showed that smartphone applications developed with the native platforms have better user experience than the cross-platform counterparts. However, comparative evaluation of usability of cross-platform applications on the deployment platforms is not studied yet. In this work, we evaluated usability of a crossword puzzle developed with PhoneGap on Android, Windows Phone, and BlackBerry. The evaluation was conducted focusing on the developer's adaptation effort to native platforms and the end users. Thus, we observed that usability of the cross-platform crossword puzzle is unaffected on the respective native platforms and the SDKs require only minimal configuration effort. In addition, we observed the prospect of HTML5 and related web technologies as our future work towards evaluating and enhancing usability in composing REST-based services for smartphone applications

Use of scenario evaluation in preparation for deployment of a collaborative system for knowledge transfer - the case of KiMERA

This paper presented an approach for the evaluation of a collaborative system, after the completion of system development and software testing but before its deployment. Scenario and collaborative episodes were designed and data collected from users role-playing. This was found to be a useful step in refining the user training, in setting the right level of user expectation when the system started to roll-out to real users and in providing feedback to the development team

The Value of User-Visible Internet Cryptography

Cryptographic mechanisms are used in a wide range of applications, including email clients, web browsers, document and asset management systems, where typical users are not cryptography experts. A number of empirical studies have demonstrated that explicit, user-visible cryptographic mechanisms are not widely used by non-expert users, and as a result arguments have been made that cryptographic mechanisms need to be better hidden or embedded in end-user processes and tools. Other mechanisms, such as HTTPS, have cryptography built-in and only become visible to the user when a dialogue appears due to a (potential) problem. This paper surveys deployed and potential technologies in use, examines the social and legal context of broad classes of users, and from there, assesses the value and issues for those users

Eras of electric vehicles: electric mobility on the Verge. Focus Attention Scale

Daily or casual passenger vehicles in cities have negative burden on our finite world. Transport sector has been one of the main contributors to air pollution and energy depletion. Providing alternative means of transport is a promising strategy perceived by motor manufacturers and researchers. The paper presents the battery electric vehicles-BEVs bibliography that starts with the early eras of invention up till 2015 outlook. It gives a broad overview of BEV market and its technology in a chronological classification while sheds light on the stakeholders’ focus attentions in each stage, the so called, Focus-Attention-Scale-FAS. The attention given in each era is projected and parsed in a scale graph, which varies between micro, meso, and macro-scale. BEV-system is on the verge of experiencing massive growth; however, the system entails a variety of substantial challenges. Observations show the main issues of BEVsystem that require more attention followed by the authors’ recommendations towards an emerging market