16 research outputs found
A Theory and Practice of Website Engagibility
This thesis explores the domain of website quality. It presents a new study of website quality - an abstraction and synthesis, a measurement methodology, and analysis - and proposes metrics which can be used to quantify it. The strategy employed involved revisiting software quality, modelling its broader perspectives and identifying quality factors which are specific to the World Wide Web (WWW). This resulted in a detailed set of elements which constitute website quality, a method for quantifying a quality measure, and demonstrating an approach to benchmarking eCommerce websites. The thesis has two dimensions. The first is a contribution to the theory of software quality - specifically website quality. The second dimension focuses on two perspectives of website quality - quality-of-product and quality-of-use - and uses them to present a new theory and methodology which are important first steps towards understanding metrics and their use when quantifying website quality. Once quantified, the websites can be benchmarked by evaluators and website owners for comparison with competitor sites. The thesis presents a study of five mature eCommerce websites. The study involves identifying, defining and collecting data counts for 67 site-level criteria for each site. These counts are specific to website product quality and include criteria such as occurrences of hyperlinks and menus which underpin navigation, occurrences of activities which underpin interactivity, and counts relating to a siteâs eCommerce maturity. Lack of automated count collecting tools necessitated online visits to 537 HTML pages and performing manual counts. The thesis formulates a new approach to measuring website quality, named Metric Ratio Analysis (MRA). The thesis demonstrates how one website quality factor - engagibility - can be quantified and used for website comparison analysis. The thesis proposes a detailed theoretical and empirical validation procedure for MRA
The development of secure and usable systems.
"People are the weakest link in the security chain"---Bruce Schneier. The aim of the thesis is to investigate the process of designing secure systems, and how designers can ensure that security mechanisms are usable and effective in practice. The research perspective is one of security as a socio-technical system. A review of the literature of security design and Human Computer Interactions in Security (HCISec) reveals that most security design methods adopt either an organisational approach, or a technical focus. And whilst HCISec has identified the need to improve usability in computer security, most of the current research in this area is addressing the issue by improving user interfaces to security tools. Whilst this should help to reduce users' errors and workload, this approach does not address problems which arise from the difficulty of reconciling technical requirements and human factors. To date, little research has been applied to socio-technical approaches to secure system design methods. Both identifying successful socio-technical design approaches and gaining a better understanding of the issues surrounding their application is required to address this gap. Appropriate and Effective Guidance for Information Security (AEGIS) is a socio-technical secure system development methodology developed for this purpose. It takes a risk-based approach to security design and focuses on recreating the contextual information surrounding the system in order to better inform security decisions, with the aim of making these decisions better suited to users' needs. AEGIS uses a graphical notation defined in the UML Meta-Object Facility to provide designers with a familiar and well- supported means of building models. Grid applications were selected as the area in which to apply and validate AEGIS. Using the research methodology Action Research, AEGIS was applied to a total of four Grid case studies. This allowed in the first instance the evaluation and refinement of AEGIS on real- world systems. Through the use of the qualitative data analysis methodology Grounded Theory, the design session transcripts gathered from the Action Research application of AEGIS were then further analysed. The resulting analysis identified important factors affecting the design process - separated into categories of responsibility, motivation, stakeholders and communication. These categories were then assembled into a model informing the factors and issues that affect socio-technical secure system design. This model therefore provides a key theoretical insight into real-world issues and is a useful foundation for improving current practice and future socio-technical secure system design methodologies
An investigation as to how a computerised multimedia intervention could be of use for practitioners supporting learners with Autism Spectrum Disorder (ASD)
This practice-based action research investigation seeks to make a valuable, original and academic contribution to knowledge in the computing, language, communication and educational fields. The aim was to establish the therapeutic (language and communication skills) and educational (literacy and numeracy skills) use of individual tailored computer games for practitioners supporting learners (end-users) with Autism Spectrum Disorder (ASD). This was achieved through a continuous collaboration of cohorts of computing undergraduate students and academics (the development team) carrying out an assignment for a module designed and successfully led by this PhD student (the researcher). The researcher continually collaborated with practitioners (users â teaching staff and speech and language therapists in schools) of learners with ASD over many years.
The researcher developed a Computerised Multimedia Therapeutic/Educational Intervention (CMT/EI) process, which used an iterative holistic Design-For-One approach for developing individual computer games. An action research methodology was adopted using methodological triangulation âquantitativeâ and âqualitativeâ data collection methods. This was to ascertain as to how tailor-made computerised multimedia games developed, could be evaluated by the users as being of therapeutic/educational use for their learners (end-users) with ASD. The researcher originated profiles to establish the diversity of each learnerâs spectrum of therapeutic/educational autistic needs, preferences, capabilities, likes, dislikes and interests. The researcher orchestrated, collaborated and supervised the whole process from individual profiles completed by the practitioners, through to the profiles used as a baseline, by the development team, and to the designing, developing and evaluating iterative customised personalised computer games. Four hundred and sixty-four learners with ASD (end-users) and forty-nine practitioners (users) from nine educational establishments across the UK participated in this investigation. Two stages were carried out in an initial application procedure (with one school) and prototype procedure (with a further six schools and 2 educational establishments).
Stage I - Planning, collection, organisation, Design-For-One approach and development. Stage II - Testing, Evaluation, Monitoring, Reflection and Maintenance. Optimistic âquantitativeâ and âqualitativeâ evidence emerged (using content analysis) from the implementation of games in the classroom and the practitionerâs therapeutic and educational evaluation of storyboards and games. The documented positive findings led to a conclusion that personalised games which had been developed over a ten-year period, showed to be of therapeutic/educational use to practitioners and their learners with ASD
A case study of balance and integration in worth-focused research through design
Understandings of, and objectives for, Interaction Design have been extended over the last few decades.
Firstly, a single user-centred focus for Interaction Design is no longer regarded as adequate where any single central focus for design is now questioned. Post-centric approaches such as Balanced, Integrated and Generous (BIG) Design propose to achieve a broadened worth-focused content scope for Interaction Design, where worth is the balance of increasing benefits over reducing costs and generosity of choice.
Secondly, there has been a broadened scope for disciplinary values in Human-Computer Interaction research, with the initial engineering and human science values of User-Centred Design and Human-Computer Interaction now complemented by the rapidly maturing creative field of Research through Design (RtD).
Thirdly, RtD as a form of creative reflective practice does not have a sequential process, but needs parallel activities that can achieve total iteration potential (i.e., no restrictions on iteration sequences). Structured reflective tools such as the Working to Choose Framework may reveal this potential.
An important opportunity remained that a complete challenging case study that integrated these domains (worth-focus) and tools (RtD, structured reflection) was carried out.
The case study addressed the challenging social issues associated with supporting care circles of individuals with disabilities. It is original in completely tracking the combination of RtD with worth-focused Interaction Design, supported by established user-centred practices.
The resulting research has made contributions through the tracking of the RtD process to: worth-focused design and evaluation resources; structured reflection; demonstration of innovative parallel balanced and integrated forms of iteration; and to future social innovation for disability support
An evaluation of the âopen source internet research toolâ: a user-centred and participatory design approach with UK law enforcement
As part of their routine investigations, law enforcement conducts open source research; that is, investigating and researching using publicly available information online. Historically, the notion of collecting open sources of information is as ingrained as the concept of intelligence itself. However, utilising open source research in UK law enforcement is a relatively new concept not generally, or practically, considered until after the civil unrest seen in the UKâs major cities in the summer of 2011.
While open source research focuses on the understanding of beinâpublicly availableâ, there are legal, ethical and procedural issues that law enforcement must consider. This asks the following mainresearch question: What constraints do law enforcement face when conducting open source research? From a legal perspective, law enforcement officials must ensure their actions are necessary and proportionate, more so where an individualâs privacy is concerned under human rights legislation and data protection laws such as the General Data Protection Regulation. Privacy issues appear, though, when considering the boom and usage of social media, where lines can be easily blurred as to what is public and private.
Guidance from Association of Chief Police Officers (ACPO) and, now, the National Police Chiefâs Council (NPCC) tends to be non-committal in tone, but nods towards obtaining legal authorisation under the Regulation of Investigatory Powers Act (RIPA) 2000 when conducting what may be âdirected surveillanceâ. RIPA, however, pre-dates the modern era of social media by several years, so its applicability as the de-facto piece of legislation for conducting higher levels of open source research is called into question. 22 semi-structured interviews with law enforcement officials were conducted and discovered a grey area surrounding legal authorities when conducting open source research.
From a technical and procedural aspect of conducting open source research, officers used a variety of software tools that would vary both in price and quality, with no standard toolset. This was evidenced from 20 questionnaire responses from 12 police forces within the UK. In an attempt to bring about standardisation, the College of Policingâs Research, Identifying and Tracing the Electronic Suspect (RITES) course recommended several capturing and productivity tools. Trainers on the RITES course, however, soon discovered the cognitive overload this had on the cohort, who would often spend more time learning to use the tools than learn about open source research techniques.
The problem highlighted above prompted the creation of Open Source Internet Research Tool (OSIRT); an all-in-one browser for conducting open source research. OSIRTâs creation followed the user-centred design (UCD) method, with two phases of development using the software engineering methodologies âthrowaway prototypingâ, for the prototype version, and âincremental and iterative developmentâ for the release version.
OSIRT has since been integrated into the RITES course, which trains over 100 officers a year, and provides a feedback outlet for OSIRT. System Usability Scale questionnaires administered on RITES courses have shown OSIRT to be usable, with feedback being positive. Beyond the RITES course, surveys, interviews and observations also show OSIRT makes an impact on everyday policing and has reduced the burden officers faced when conducting opens source research.
OSIRTâs impact now reaches beyond the UK and sees usage across the globe. OSIRT contributes to law enforcement output in countries such as the USA, Canada, Australia and even Israel, demonstrating OSIRTâs usefulness and necessity are not only applicable to UK law enforcement.
This thesis makes several contributions both academically and from a practical perspective to law enforcement. The main contributions are:
âą Discussion and analysis of the constraints law enforcement within the UK face when conducting open source research from a legal, ethical and procedural perspective.
âą Discussion, analysis and reflective discourse surrounding the development of a software tool for law enforcement and the challenges faced in what is a unique development.
âą An approach to collaborating with those who are in âclosedâ environments, such as law enforcement, to create bespoke software. Additionally, this approach offers a method of measuring the value and usefulness of OSIRT with UK law enforcement.
âą The creation and integration of OSIRT in to law enforcement and law enforcement training packages
The Diffusion of a Personal Health Record for Patients with Type 2 Diabetes Mellitus in Primary Care
Skyler and Bliss
Hong Kong remains the backdrop to the science fiction movies of my youth. The city reminds me of my former training in the financial sector. It is a city in which I could have succeeded in finance, but as far as art goes it is a young city, and I am a young artist. A frustration emerges; much like the mould, the artist also had to develop new skills by killing off his former desires and manipulating technology. My new series entitled HONG KONG surface project shows a new direction in my artistic research in which my technique becomes ever simpler, reducing the traces of pixelation until objects appear almost as they were found and photographed. Skyler and Bliss presents tectonic plates based on satellite images of the Arctic. Working in a hot and humid Hong Kong where mushrooms grow ferociously, a city artificially refrigerated by climate control, this series provides a conceptual image of a imaginary typographic map for survival. (Laurent Segretier
Exploring human factors issues & possible countermeasures in password authentication
PhD ThesisThis thesis is concerned with usable security. It describes a series of experiments to
understand usersâ behaviour in the domain of password authentication. The thesis is
comprised of two parts. Part 1 reports on experiments into how different persuasion strategies
can be used to increase the strength of usersâ password. Existing research indicates that the
lack of persuasive elements in password guidelines may lead to a lack of motivation to
produce strong passwords. Thus, an experimental study involving seventy-five participants
was conducted to evaluate the effectiveness of a range of persuasion strategies on password
strength. In addition this experiment explores how personality variables affect the
susceptibility of users to persuasion.
The results showed that passwords created by users who received password guidelines that
include a persuasion strategy produce stronger passwords than a control group. In terms of
the personality variables, the result shows that there are certain personality types that tend to
produce slightly better passwords than others; but it is difficult to draw a firm conclusion
about how personality affects susceptibility to persuasion.
The second part of this thesis presents an innovative alternative to text-based passwords,
namely, graphical password schemes. Graphical passwords take advantage of the superior
ability of humans to remember graphics and pictures over text and numbers. Research shows
that graphical password schemes are a promising alternative, but that they are susceptible to
shoulder surfing attacks, resulting in scepticism about adoption. Thus in part 2 of the thesis,
three innovative shoulder surfing defence techniques are proposed and implemented in a
small-scale prototype with a specific focus given to one type of graphical password; The
Draw-A-Secret (DAS) scheme. The results of two separate experimental studies involving
sixty-five and thirty participants respectively to evaluate the proposed defence techniques
from the perspectives of security and usability are presented.
The results show that the technique which, on theoretical grounds, was expected to be quite
effective, provides little protection. A second technique which did provide the best overall
shoulder surfing defence; created usability problems. But a third technique provided a
reasonable shoulder surfing defence and good usability simultaneously; a good balance which
the other two techniques did not achieve. The proposed defence techniques and experimental
results are directly relevant to other graphical password schemes of the same category with
slight modification to suit the requirements of the scheme intended.
In summary, the thesis contributes to the discussion of some key usability problems which
exist around password authentication domains. All the proposed countermeasures are
evaluated through a series of experimental studies which present several intriguing
discussions and promising findings