Development of a typing behaviour recognition mechanism on Android

This paper proposes a biometric authentication system which use password based and behavioural traits (typing behaviours) authentication technology to establish user’s identity on a mobile phone. The proposed system can work on the latest smart phone platform. It uses mobile devices to capture user’s keystroke data and transmit it to web server. The authentication engine will establish if a user is genuine or fraudulent. In addition, a multiplier of the standard deviation “α” has been defined which aims to achieve the balance between security and usability. Experimental results indicate that the developed authentication system is highly reliable and very secure with an equal error rate is below 7.5%

A System For Visual Role-Based Policy Modelling

The definition of security policies in information systems and programming applications is often accomplished through traditional low level languages that are difficult to use. This is a remarkable drawback if we consider that security policies are often specified and maintained by top level enterprise managers who would probably prefer to use simplified, metaphor oriented policy management tools. To support all the different kinds of users we propose a suite of visual languages to specify access and security policies according to the role based access control (RBAC) model. Moreover, a system implementing the proposed visual languages is proposed. The system provides a set of tools to enable a user to visually edit security policies and to successively translate them into (eXtensible Access Control Markup Language) code, which can be managed by a Policy Based Management System supporting such policy language. The system and the visual approach have been assessed by means of usability studies and of several case studies. The one presented in this paper regards the configuration of access policies for a multimedia content management platform providing video streaming services also accessible through mobile devices

Towards Better Remote Healthcare Experiences: An mHealth Video Conferencing System for Improving Healthcare Outcomes

This work investigated how to combine mobile cloud computing, video conferencing and user interface design principles to promote the effectiveness and the ease of using online healthcare appointment platforms. The Jitsi Meet video conference technology was selected from amongst 27 competing systems based on efficiency and security criteria. This platform was used as the foundation on which we designed, developed and evaluated of our video conferencing system specially designed for improving doctor-patient interaction and experiences. Nine doctor- patient functions were developed in order to facilitate efficient and effective online healthcare appointments, such as providing the doctor with the ability to collect specific video and images and full integration with existing Electronic Medical Records (EMR). The effectiveness and usability of our system were evaluated by 36 participants|31 laypersons acting as patients and doctors, and 5 actual healthcare professionals. The mean System Usability Scale (SUS) usability score was 76 (high) indicating an overall positive UI design and effective system

From usability to secure computing and back again

Secure multi-party computation (MPC) allows multiple parties to jointly compute the output of a function while preserving the privacy of any individual party’s inputs to that function. As MPC protocols transition from research prototypes to realworld applications, the usability of MPC-enabled applications is increasingly critical to their successful deployment and widespread adoption. Our Web-MPC platform, designed with a focus on usability, has been deployed for privacy-preserving data aggregation initiatives with the City of Boston and the Greater Boston Chamber of Commerce. After building and deploying an initial version of the platform, we conducted a heuristic evaluation to identify usability improvements and implemented corresponding application enhancements. However, it is difficult to gauge the effectiveness of these changes within the context of real-world deployments using traditional web analytics tools without compromising the security guarantees of the platform. This work consists of two contributions that address this challenge: (1) the Web-MPC platform has been extended with the capability to collect web analytics using existing MPC protocols, and (2) as a test of this feature and a way to inform future work, this capability has been leveraged to conduct a usability study comparing the two versions ofWeb-MPC. While many efforts have focused on ways to enhance the usability of privacy-preserving technologies, this study serves as a model for using a privacy-preserving data-driven approach to evaluate and enhance the usability of privacy-preserving websites and applications deployed in realworld scenarios. Data collected in this study yields insights into the relationship between usability and security; these can help inform future implementations of MPC solutions.Published versio

Airline E-commerce user experience experiment: An investigation of Thai LCCs passengers' purchasing behaviour among different online platforms

Purpose: This study examines the current state of the airline’s e-commerce platforms and seek to identify their benefits and disadvantages in the aspect of user experience. Design/methodology/approach: The study commenced by first reviewing the literatures on actual sale figure from the studied Thai LCC, user interface (UI) and user experience (UX). It then proceeded to gather the empirical evidences using questionnaires from 135 active air passengers who have online purchasing experience. The composite findings from literature review and surveys were then used to design and apply for the final phase which is a series of in-depth interviews of air passengers on their usability test sessions and experts from the related industries. Coding and clustering was utilised to analyse the qualitative data obtained. Findings: The study examines the differences in online ticket purchasing platforms including airline's website, mobile-site and mobile application. The results identified five areas of factors: physical, trust, willingness to learn, context of use and adjustment. With regard to these factors, there are no single platform that outperform others. Airlines need to ensure that UX/UI of all platforms meet the users’ requirements in all circumstances. Originality/value: The study reveals the customer thinking processes on online purchasing behaviour. It focuses on web-usability and user experience of different booking platforms. The findings allow the subjected LCC to improve customer experience and optimise its platforms. The paper could also benefit other entrepreneurs who are in the related industry or similar contexts. In addition, the study of user-experience in the context of airline industry, particularly in the emerging countries like Thailand is limited.Peer Reviewe

PINPOINT: Efficient and Effective Resource Isolation for Mobile Security and Privacy

Virtualization is frequently used to isolate untrusted processes and control their access to sensitive resources. However, isolation usually carries a price in terms of less resource sharing and reduced inter-process communication. In an open architecture such as Android, this price and its impact on performance, usability, and transparency must be carefully considered. Although previous efforts in developing general-purpose isolation solutions have shown that some of these negative sideeffects can be mitigated, doing so involves overcoming significant design challenges by incorporating numerous additional platform complexities not directly related to improved security. Thus, the general purpose solutions become inefficient and burdensome if the end-user has only specific security goals. In this paper, we present PINPOINT, a resource isolation strategy that forgoes general-purpose solutions in favor of a “building block” approach that addresses specific end-user security goals. PINPOINT embodies the concept of Linux Namespace lightweight isolation, but does so in the Android Framework by guiding the security designer towards isolation points that are contextually close to the resource(s) that need to be isolated. This strategy allows the rest of the Framework to function fully as intended, transparently. We demonstrate our strategy with a case study on Android System Services, and show four applications of PINPOINTed system services functioning with unmodified market apps. Our evaluation results show that practical security and privacy advantages can be gained using our approach, without inducing the problematic side-effects that other general-purpose designs must address

Cloud based testing of business applications and web services

This paper deals with testing of applications based on the principles of cloud computing. It is aimed to describe options of testing business software in clouds (cloud testing). It identifies the needs for cloud testing tools including multi-layer testing; service level agreement (SLA) based testing, large scale simulation, and on-demand test environment. In a cloud-based model, ICT services are distributed and accessed over networks such as intranet or internet, which offer large data centers deliver on demand, resources as a service, eliminating the need for investments in specific hardware, software, or on data center infrastructure. Businesses can apply those new technologies in the contest of intellectual capital management to lower the cost and increase competitiveness and also earnings. Based on comparison of the testing tools and techniques, the paper further investigates future trend of cloud based testing tools research and development. It is also important to say that this comparison and classification of testing tools describes a new area and it has not yet been done