A Revision Control System for Image Editing in Collaborative Multimedia Design

Revision control is a vital component in the collaborative development of artifacts such as software code and multimedia. While revision control has been widely deployed for text files, very few attempts to control the versioning of binary files can be found in the literature. This can be inconvenient for graphics applications that use a significant amount of binary data, such as images, videos, meshes, and animations. Existing strategies such as storing whole files for individual revisions or simple binary deltas, respectively consume significant storage and obscure semantic information. To overcome these limitations, in this paper we present a revision control system for digital images that stores revisions in form of graphs. Besides, being integrated with Git, our revision control system also facilitates artistic creation processes in common image editing and digital painting workflows. A preliminary user study demonstrates the usability of the proposed system.Comment: pp. 512-517 (6 pages

Moving Usability Testing onto the Web

Abstract: In order to remotely obtain detailed usability data by tracking user behaviors within a given web site, a server-based usability testing environment has been created. Web pages are annotated in such a way that arbitrary user actions (such as "mouse over link" or "click back button") can be selected for logging. In addition, the system allows the experiment designer to interleave interactive questions into the usability evaluation, which for instance could be triggered by a particular sequence of actions. The system works in conjunction with clustering and visualization algorithms that can be applied to the resulting log file data. A first version of the system has been used successfully to carry out a web usability evaluation

Measuring children's search behaviour on a large scale

Children often experience problems during information-seeking using traditional search interfaces and search technologies, that are designed for adults. This is because children engage with the world in fundamentally different ways than adults. To design search technologies that support children in effective and enjoyable information-seeking, more research is needed to examine children’s specific skills and needs concerning information-seeking. Therefore, we developed an application that can monitor children’s search behaviour on a large scale. In this paper, we present the steps taken to develop this application. The basis of the application is UsaProxy, an existing system that is used to monitor the user’s usage of websites. We have increased the accuracy of UsaProxy and have developed an application that is able to extract useful information from UsaProxy’s log files

Systematic evaluation of design choices for software development tools

[Abstract]: Most design and evaluation of software tools is based on the intuition and experience of the designers. Software tool designers consider themselves typical users of the tools that they build and tend to subjectively evaluate their products rather than objectively evaluate them using established usability methods. This subjective approach is inadequate if the quality of software tools is to improve and the use of more systematic methods is advocated. This paper summarises a sequence of studies that show how user interface design choices for software development tools can be evaluated using established usability engineering techniques. The techniques used included guideline review, predictive modelling and experimental studies with users

Logging software upgrade

Vaisala weather instruments testing requires data logging to produce information for decisions making. Data logging is increasingly becoming database focused. Database logging was not usable and available to all users easily, for which reason this thesis aimed to bring database logging into internally used logging software. VB.NET based software was to be updated bringing database logging available to all users. The thesis and development of the software update used empirical research. Software principles were applied from theoretical literacy sources. Not all theoretical principles were applied to the internal software. Most software acceptance requirements were met, and software was evaluated acceptable to use. Especially its productivity was remarkable. However, its development should continue to bring all evaluation subjects to fully satisfying level. Some erroneous issues can escalate in wider use. The software was successfully updated, and it began a new era in its development lifecycle. Software was uploaded into GIT and should continue to be improved to better serve the company and its needs

Completely Automated Public Physical test to tell Computers and Humans Apart: A usability study on mobile devices

A very common approach adopted to fight the increasing sophistication and dangerousness of malware and hacking is to introduce more complex authentication mechanisms. This approach, however, introduces additional cognitive burdens for users and lowers the whole authentication mechanism acceptability to the point of making it unusable. On the contrary, what is really needed to fight the onslaught of automated attacks to users data and privacy is to first tell human and computers apart and then distinguish among humans to guarantee correct authentication. Such an approach is capable of completely thwarting any automated attempt to achieve unwarranted access while it allows keeping simple the mechanism dedicated to recognizing the legitimate user. This kind of approach is behind the concept of Completely Automated Public Turing test to tell Computers and Humans Apart (CAPTCHA), yet CAPTCHA leverages cognitive capabilities, thus the increasing sophistication of computers calls for more and more difficult cognitive tasks that make them either very long to solve or very prone to false negatives. We argue that this problem can be overcome by substituting the cognitive component of CAPTCHA with a different property that programs cannot mimic: the physical nature. In past work we have introduced the Completely Automated Public Physical test to tell Computer and Humans Apart (CAPPCHA) as a way to enhance the PIN authentication method for mobile devices and we have provided a proof of concept implementation. Similarly to CAPTCHA, this mechanism can also be used to prevent automated programs from abusing online services. However, to evaluate the real efficacy of the proposed scheme, an extended empirical assessment of CAPPCHA is required as well as a comparison of CAPPCHA performance with the existing state of the art. To this aim, in this paper we carry out an extensive experimental study on both the performance and the usability of CAPPCHA involving a high number of physical users, and we provide comparisons of CAPPCHA with existing flavors of CAPTCHA

Implementation of practical and secure methods for storage of cryptographic keys in applications

Dissertação de mestrado integrado em Informatics EngineeringEncryption has been essential to protect modern systems and services. It became the security foundation of databases, payment systems, cloud services, and others. Cryptography enabled the creation and validation of digital signatures, where the protection of the private key is very important to prevent false signatures. Cryptocur rencies rely on this mechanism. Crypto wallets hold private keys used to sign transactions and prove ownership of a digital asset. These have to keep the private key secure, but accessible to its owner, as it may be needed frequently. With the increasing number of decentralized web applications that interact with a blockchain, this subject has become more prevalent, as they usually require frequent signatures from the user. The mass adoption of cryptocurrencies by non-technical users urged the creation of crypto wallets that are secure but prioritize usability. Some of these are hosted services that store the private keys in their servers and others are non-hosted, where the user is responsible for storing it. When implemented as a browser plugin, these wallets allow the user to seamlessly interact with a web application. The rise of cloud technology brought forth multi-signature on the cloud, by combining different cloud services owned by the user. These give the user control of his private key and are less vulnerable to cyber attacks. In this work, it is presented a comprehensive analysis of existing crypto wallet approaches in usability and security to understand the existing problems. The next step was to propose multiple possible solutions to those problems and produce their implementations. These take advantage of previously studied multi-cloud technology and are used to attempt to improve usability and security. To evaluate the proposed solutions and to compare them to the existing ones, we have developed a framework that consisted of various objective tests based on previous work, which have the goal of evaluating security and usability. Finally, the proposed and existing solutions were compared using the proposed framework.A encriptação tem sido fundamental para proteger serviços e sistemas modernos, tornando-se essencial para proteger bases de dados, sistemas de pagamento, serviços de nuvem, entre outros. A criptografia permitiu a criação e validação de assinaturas digitais, onde a proteção da chave privada é bastante importante para impedir assinaturas falsas. As criptomoedas dependem deste mecanismo. As carteiras digitais contém chaves privadas que são usadas para assinar transações e provar a posse de um artefacto digital. Estas guardam a chave privada de forma segura e acessível ao seu proprietário, pois pode ser necessária frequentemente. Com o aumento do número de aplicações web descentralizadas que interagem com blockchains, este assunto tem ganho relevância, pois estas podem necessitar assinaturas frequentes por parte do utilizador. A adoção em massa de criptomoedas por utilizadores não técnicos levou à necessidade de criar carteiras digitais seguras, mas que priorizam a usabilidade. Algumas destas carteiras classificam-se como serviços hosted, que guardam as chaves privadas nos seus servidores, e outras como non-hosted, onde o utilizador é responsável por as guardar. Quando implementadas como um browser plugin, estas carteiras permitem o uti lizador interagir fluidamente com uma aplicação web. A ascensão da tecnologia nuvem permitiu o aparecimento da múltipla assinatura na nuvem, através da combinação de diferentes serviços de nuvem já possuídos pelo utilizador. Estes dão ao utilizador controlo total da sua chave privada e são menos vulneráveis a ciberataques. Neste trabalho, é feita uma análise compreensiva à usabilidade e segurança dos vários tipos de carteiras digitais, para perceber os seus problemas existentes. O próximo passo foi propor várias possíveis soluções aos problemas encontrados e também fazer a sua implementação. Estas utilizam trabalho previamente estudado sobre tecnologia multi-nuvem e são usadas para com intuito de melhorar a usabilidade e segurança. Para fazer uma avaliação das soluções propostas e compará-las a produtos existentes, desenvolvemos uma framework para testar segurança e usabilidade com vários testes objetivos, baseados em trabalho previamente estudado. No final, as soluções propostas e as já existentes foram comparadas utilizando o framework proposto