16 research outputs found

    A Theory and Practice of Website Engagibility

    Get PDF
    This thesis explores the domain of website quality. It presents a new study of website quality - an abstraction and synthesis, a measurement methodology, and analysis - and proposes metrics which can be used to quantify it. The strategy employed involved revisiting software quality, modelling its broader perspectives and identifying quality factors which are specific to the World Wide Web (WWW). This resulted in a detailed set of elements which constitute website quality, a method for quantifying a quality measure, and demonstrating an approach to benchmarking eCommerce websites. The thesis has two dimensions. The first is a contribution to the theory of software quality - specifically website quality. The second dimension focuses on two perspectives of website quality - quality-of-product and quality-of-use - and uses them to present a new theory and methodology which are important first steps towards understanding metrics and their use when quantifying website quality. Once quantified, the websites can be benchmarked by evaluators and website owners for comparison with competitor sites. The thesis presents a study of five mature eCommerce websites. The study involves identifying, defining and collecting data counts for 67 site-level criteria for each site. These counts are specific to website product quality and include criteria such as occurrences of hyperlinks and menus which underpin navigation, occurrences of activities which underpin interactivity, and counts relating to a site’s eCommerce maturity. Lack of automated count collecting tools necessitated online visits to 537 HTML pages and performing manual counts. The thesis formulates a new approach to measuring website quality, named Metric Ratio Analysis (MRA). The thesis demonstrates how one website quality factor - engagibility - can be quantified and used for website comparison analysis. The thesis proposes a detailed theoretical and empirical validation procedure for MRA

    The development of secure and usable systems.

    Get PDF
    "People are the weakest link in the security chain"---Bruce Schneier. The aim of the thesis is to investigate the process of designing secure systems, and how designers can ensure that security mechanisms are usable and effective in practice. The research perspective is one of security as a socio-technical system. A review of the literature of security design and Human Computer Interactions in Security (HCISec) reveals that most security design methods adopt either an organisational approach, or a technical focus. And whilst HCISec has identified the need to improve usability in computer security, most of the current research in this area is addressing the issue by improving user interfaces to security tools. Whilst this should help to reduce users' errors and workload, this approach does not address problems which arise from the difficulty of reconciling technical requirements and human factors. To date, little research has been applied to socio-technical approaches to secure system design methods. Both identifying successful socio-technical design approaches and gaining a better understanding of the issues surrounding their application is required to address this gap. Appropriate and Effective Guidance for Information Security (AEGIS) is a socio-technical secure system development methodology developed for this purpose. It takes a risk-based approach to security design and focuses on recreating the contextual information surrounding the system in order to better inform security decisions, with the aim of making these decisions better suited to users' needs. AEGIS uses a graphical notation defined in the UML Meta-Object Facility to provide designers with a familiar and well- supported means of building models. Grid applications were selected as the area in which to apply and validate AEGIS. Using the research methodology Action Research, AEGIS was applied to a total of four Grid case studies. This allowed in the first instance the evaluation and refinement of AEGIS on real- world systems. Through the use of the qualitative data analysis methodology Grounded Theory, the design session transcripts gathered from the Action Research application of AEGIS were then further analysed. The resulting analysis identified important factors affecting the design process - separated into categories of responsibility, motivation, stakeholders and communication. These categories were then assembled into a model informing the factors and issues that affect socio-technical secure system design. This model therefore provides a key theoretical insight into real-world issues and is a useful foundation for improving current practice and future socio-technical secure system design methodologies

    An investigation as to how a computerised multimedia intervention could be of use for practitioners supporting learners with Autism Spectrum Disorder (ASD)

    Get PDF
    This practice-based action research investigation seeks to make a valuable, original and academic contribution to knowledge in the computing, language, communication and educational fields. The aim was to establish the therapeutic (language and communication skills) and educational (literacy and numeracy skills) use of individual tailored computer games for practitioners supporting learners (end-users) with Autism Spectrum Disorder (ASD). This was achieved through a continuous collaboration of cohorts of computing undergraduate students and academics (the development team) carrying out an assignment for a module designed and successfully led by this PhD student (the researcher). The researcher continually collaborated with practitioners (users – teaching staff and speech and language therapists in schools) of learners with ASD over many years. The researcher developed a Computerised Multimedia Therapeutic/Educational Intervention (CMT/EI) process, which used an iterative holistic Design-For-One approach for developing individual computer games. An action research methodology was adopted using methodological triangulation ‘quantitative’ and ‘qualitative’ data collection methods. This was to ascertain as to how tailor-made computerised multimedia games developed, could be evaluated by the users as being of therapeutic/educational use for their learners (end-users) with ASD. The researcher originated profiles to establish the diversity of each learner’s spectrum of therapeutic/educational autistic needs, preferences, capabilities, likes, dislikes and interests. The researcher orchestrated, collaborated and supervised the whole process from individual profiles completed by the practitioners, through to the profiles used as a baseline, by the development team, and to the designing, developing and evaluating iterative customised personalised computer games. Four hundred and sixty-four learners with ASD (end-users) and forty-nine practitioners (users) from nine educational establishments across the UK participated in this investigation. Two stages were carried out in an initial application procedure (with one school) and prototype procedure (with a further six schools and 2 educational establishments). Stage I - Planning, collection, organisation, Design-For-One approach and development. Stage II - Testing, Evaluation, Monitoring, Reflection and Maintenance. Optimistic ‘quantitative’ and ‘qualitative’ evidence emerged (using content analysis) from the implementation of games in the classroom and the practitioner’s therapeutic and educational evaluation of storyboards and games. The documented positive findings led to a conclusion that personalised games which had been developed over a ten-year period, showed to be of therapeutic/educational use to practitioners and their learners with ASD

    A case study of balance and integration in worth-focused research through design

    Get PDF
    Understandings of, and objectives for, Interaction Design have been extended over the last few decades. Firstly, a single user-centred focus for Interaction Design is no longer regarded as adequate where any single central focus for design is now questioned. Post-centric approaches such as Balanced, Integrated and Generous (BIG) Design propose to achieve a broadened worth-focused content scope for Interaction Design, where worth is the balance of increasing benefits over reducing costs and generosity of choice. Secondly, there has been a broadened scope for disciplinary values in Human-Computer Interaction research, with the initial engineering and human science values of User-Centred Design and Human-Computer Interaction now complemented by the rapidly maturing creative field of Research through Design (RtD). Thirdly, RtD as a form of creative reflective practice does not have a sequential process, but needs parallel activities that can achieve total iteration potential (i.e., no restrictions on iteration sequences). Structured reflective tools such as the Working to Choose Framework may reveal this potential. An important opportunity remained that a complete challenging case study that integrated these domains (worth-focus) and tools (RtD, structured reflection) was carried out. The case study addressed the challenging social issues associated with supporting care circles of individuals with disabilities. It is original in completely tracking the combination of RtD with worth-focused Interaction Design, supported by established user-centred practices. The resulting research has made contributions through the tracking of the RtD process to: worth-focused design and evaluation resources; structured reflection; demonstration of innovative parallel balanced and integrated forms of iteration; and to future social innovation for disability support

    An evaluation of the ‘open source internet research tool’: a user-centred and participatory design approach with UK law enforcement

    Get PDF
    As part of their routine investigations, law enforcement conducts open source research; that is, investigating and researching using publicly available information online. Historically, the notion of collecting open sources of information is as ingrained as the concept of intelligence itself. However, utilising open source research in UK law enforcement is a relatively new concept not generally, or practically, considered until after the civil unrest seen in the UK’s major cities in the summer of 2011. While open source research focuses on the understanding of bein‘publicly available’, there are legal, ethical and procedural issues that law enforcement must consider. This asks the following mainresearch question: What constraints do law enforcement face when conducting open source research? From a legal perspective, law enforcement officials must ensure their actions are necessary and proportionate, more so where an individual’s privacy is concerned under human rights legislation and data protection laws such as the General Data Protection Regulation. Privacy issues appear, though, when considering the boom and usage of social media, where lines can be easily blurred as to what is public and private. Guidance from Association of Chief Police Officers (ACPO) and, now, the National Police Chief’s Council (NPCC) tends to be non-committal in tone, but nods towards obtaining legal authorisation under the Regulation of Investigatory Powers Act (RIPA) 2000 when conducting what may be ‘directed surveillance’. RIPA, however, pre-dates the modern era of social media by several years, so its applicability as the de-facto piece of legislation for conducting higher levels of open source research is called into question. 22 semi-structured interviews with law enforcement officials were conducted and discovered a grey area surrounding legal authorities when conducting open source research. From a technical and procedural aspect of conducting open source research, officers used a variety of software tools that would vary both in price and quality, with no standard toolset. This was evidenced from 20 questionnaire responses from 12 police forces within the UK. In an attempt to bring about standardisation, the College of Policing’s Research, Identifying and Tracing the Electronic Suspect (RITES) course recommended several capturing and productivity tools. Trainers on the RITES course, however, soon discovered the cognitive overload this had on the cohort, who would often spend more time learning to use the tools than learn about open source research techniques. The problem highlighted above prompted the creation of Open Source Internet Research Tool (OSIRT); an all-in-one browser for conducting open source research. OSIRT’s creation followed the user-centred design (UCD) method, with two phases of development using the software engineering methodologies ‘throwaway prototyping’, for the prototype version, and ‘incremental and iterative development’ for the release version. OSIRT has since been integrated into the RITES course, which trains over 100 officers a year, and provides a feedback outlet for OSIRT. System Usability Scale questionnaires administered on RITES courses have shown OSIRT to be usable, with feedback being positive. Beyond the RITES course, surveys, interviews and observations also show OSIRT makes an impact on everyday policing and has reduced the burden officers faced when conducting opens source research. OSIRT’s impact now reaches beyond the UK and sees usage across the globe. OSIRT contributes to law enforcement output in countries such as the USA, Canada, Australia and even Israel, demonstrating OSIRT’s usefulness and necessity are not only applicable to UK law enforcement. This thesis makes several contributions both academically and from a practical perspective to law enforcement. The main contributions are: ‱ Discussion and analysis of the constraints law enforcement within the UK face when conducting open source research from a legal, ethical and procedural perspective. ‱ Discussion, analysis and reflective discourse surrounding the development of a software tool for law enforcement and the challenges faced in what is a unique development. ‱ An approach to collaborating with those who are in ‘closed’ environments, such as law enforcement, to create bespoke software. Additionally, this approach offers a method of measuring the value and usefulness of OSIRT with UK law enforcement. ‱ The creation and integration of OSIRT in to law enforcement and law enforcement training packages

    Skyler and Bliss

    Get PDF
    Hong Kong remains the backdrop to the science fiction movies of my youth. The city reminds me of my former training in the financial sector. It is a city in which I could have succeeded in finance, but as far as art goes it is a young city, and I am a young artist. A frustration emerges; much like the mould, the artist also had to develop new skills by killing off his former desires and manipulating technology. My new series entitled HONG KONG surface project shows a new direction in my artistic research in which my technique becomes ever simpler, reducing the traces of pixelation until objects appear almost as they were found and photographed. Skyler and Bliss presents tectonic plates based on satellite images of the Arctic. Working in a hot and humid Hong Kong where mushrooms grow ferociously, a city artificially refrigerated by climate control, this series provides a conceptual image of a imaginary typographic map for survival. (Laurent Segretier

    Exploring human factors issues & possible countermeasures in password authentication

    Get PDF
    PhD ThesisThis thesis is concerned with usable security. It describes a series of experiments to understand users’ behaviour in the domain of password authentication. The thesis is comprised of two parts. Part 1 reports on experiments into how different persuasion strategies can be used to increase the strength of users’ password. Existing research indicates that the lack of persuasive elements in password guidelines may lead to a lack of motivation to produce strong passwords. Thus, an experimental study involving seventy-five participants was conducted to evaluate the effectiveness of a range of persuasion strategies on password strength. In addition this experiment explores how personality variables affect the susceptibility of users to persuasion. The results showed that passwords created by users who received password guidelines that include a persuasion strategy produce stronger passwords than a control group. In terms of the personality variables, the result shows that there are certain personality types that tend to produce slightly better passwords than others; but it is difficult to draw a firm conclusion about how personality affects susceptibility to persuasion. The second part of this thesis presents an innovative alternative to text-based passwords, namely, graphical password schemes. Graphical passwords take advantage of the superior ability of humans to remember graphics and pictures over text and numbers. Research shows that graphical password schemes are a promising alternative, but that they are susceptible to shoulder surfing attacks, resulting in scepticism about adoption. Thus in part 2 of the thesis, three innovative shoulder surfing defence techniques are proposed and implemented in a small-scale prototype with a specific focus given to one type of graphical password; The Draw-A-Secret (DAS) scheme. The results of two separate experimental studies involving sixty-five and thirty participants respectively to evaluate the proposed defence techniques from the perspectives of security and usability are presented. The results show that the technique which, on theoretical grounds, was expected to be quite effective, provides little protection. A second technique which did provide the best overall shoulder surfing defence; created usability problems. But a third technique provided a reasonable shoulder surfing defence and good usability simultaneously; a good balance which the other two techniques did not achieve. The proposed defence techniques and experimental results are directly relevant to other graphical password schemes of the same category with slight modification to suit the requirements of the scheme intended. In summary, the thesis contributes to the discussion of some key usability problems which exist around password authentication domains. All the proposed countermeasures are evaluated through a series of experimental studies which present several intriguing discussions and promising findings
    corecore