Usability and Trust in Information Systems

The need for people to protect themselves and their assets is as old as humankind. People's physical safety and their possessions have always been at risk from deliberate attack or accidental damage. The advance of information technology means that many individuals, as well as corporations, have an additional range of physical (equipment) and electronic (data) assets that are at risk. Furthermore, the increased number and types of interactions in cyberspace has enabled new forms of attack on people and their possessions. Consider grooming of minors in chat-rooms, or Nigerian email cons: minors were targeted by paedophiles before the creation of chat-rooms, and Nigerian criminals sent the same letters by physical mail or fax before there was email. But the technology has decreased the cost of many types of attacks, or the degree of risk for the attackers. At the same time, cyberspace is still new to many people, which means they do not understand risks, or recognise the signs of an attack, as readily as they might in the physical world. The IT industry has developed a plethora of security mechanisms, which could be used to mitigate risks or make attacks significantly more difficult. Currently, many people are either not aware of these mechanisms, or are unable or unwilling or to use them. Security experts have taken to portraying people as "the weakest link" in their efforts to deploy effective security [e.g. Schneier, 2000]. However, recent research has revealed at least some of the problem may be that security mechanisms are hard to use, or be ineffective. The review summarises current research on the usability of security mechanisms, and discusses options for increasing their usability and effectiveness

Using biometrics as an enabling technology in balancing universality and selectivity for management of information access

The key concept of Universal Access in the Information Society has important and far-reaching implications for the design of a wide range of systems and data sources. This paper sets out to examine two fundamentally conflicting aspects of the broad principle of universality in design, pointing to the opposite requirement that, in many applications, access to a system or set of data must be limited to an identifiable population of ?authorised? users. However, the idea of universality then applies at a lower level, since the mechanisms used to impose these limitations should themselves not be dependent on the physical attributes or expertise of individuals, but rather related to their identity and designated level of authorisation. This leads to an interesting situation where the concept of universality must be implemented at different levels and, equally, must be balanced against the competing claims of the constraints imposed by authorisation-determined selectivity. This paper argues that technology based on biometric processing - the exploitation of measurements relating to individual physiological or behavioural attributes - provides a key platform on which an access management structure can be realised. Experimental results based on various biometric modalities are used to support and illustrate the ideas proposed

Using Biometrics as an Enabling Technology in Balancing Universality and Selectivity for Management of Information Access

The key concept of Universal Access in the Information Society has important and far-reaching implications for the design of a wide range of systems and data sources. This paper sets out to examine two fundamentally conflicting aspects of the broad principle of universality in design, pointing to the opposite requirement that, in many applications, access to a system or set of data must be limited to an identifiable population of “authorised” users. However, the idea of universality then applies at a lower level, since the mechanisms used to impose these limitations should themselves not be dependent on the physical attributes or expertise of individuals, but rather related to their identity and designated level of authorisation. This leads to an interesting situation where the concept of universality must be implemented at different levels and, equally, must be balanced against the competing claims of the constraints imposed by authorisation-determined selectivity. This paper argues that technology based on biometric processing - the exploitation of measurements relating to individual physiological or behavioural attributes - provides a key platform on which an access management structure can be realised. Experimental results based on various biometric modalities are used to support and illustrate the ideas proposed

Optimising multimodal fusion for biometric identification systems

Biometric systems are automatic means for imitating the human brain’s ability of identifying and verifying other humans by their behavioural and physiological characteristics. A system, which uses more than one biometric modality at the same time, is known as a multimodal system. Multimodal biometric systems consolidate the evidence presented by multiple biometric sources and typically provide better recognition performance compared to systems based on a single biometric modality. This thesis addresses some issues related to the implementation of multimodal biometric identity verification systems. The thesis assesses the feasibility of using commercial offthe-shelf products to construct deployable multimodal biometric system. It also identifies multimodal biometric fusion as a challenging optimisation problem when one considers the presence of several configurations and settings, in particular the verification thresholds adopted by each biometric device and the decision fusion algorithm implemented for a particular configuration. The thesis proposes a novel approach for the optimisation of multimodal biometric systems based on the use of genetic algorithms for solving some of the problems associated with the different settings. The proposed optimisation method also addresses some of the problems associated with score normalization. In addition, the thesis presents an analysis of the performance of different fusion rules when characterising the system users as sheep, goats, lambs and wolves. The results presented indicate that the proposed optimisation method can be used to solve the problems associated with threshold settings. This clearly demonstrates a valuable potential strategy that can be used to set a priori thresholds of the different biometric devices before using them. The proposed optimisation architecture addressed the problem of score normalisation, which makes it an effective “plug-and-play” design philosophy to system implementation. The results also indicate that the optimisation approach can be used for effectively determining the weight settings, which is used in many applications for varying the relative importance of the different performance parameters