myTea: Connecting the Web to Digital Science on the Desktop

Bioinformaticians regularly access the hundreds of databases and tools that are available to them on the Web. None of these tools communicate with each other, causing the scientist to copy results manually from a Web site into a spreadsheet or word processor. myGrids' Taverna has made it possible to create templates (workflows) that automatically run searches using these databases and tools, cutting down what previously took days of work into hours, and enabling the automated capture of experimental details. What is still missing in the capture process, however, is the details of work done on that material once it moves from the Web to the desktop: if a scientist runs a process on some data, there is nothing to record why that action was taken; it is likewise not easy to publish a record of this process back to the community on the Web. In this paper, we present a novel interaction framework, built on Semantic Web technologies, and grounded in usability design practice, in particular the Making Tea method. Through this work, we introduce a new model of practice designed specifically to (1) support the scientists' interactions with data from the Web to the desktop, (2) provide automatic annotation of process to capture what has previously been lost and (3) associate provenance services automatically with that data in order to enable meaningful interrogation of the process and controlled sharing of the results

Context-based personalised settings for mobile location sharing

This work was supported by the Engineering and Physical Sciences Research Council [grant number EP/G002606/1].Location-Based Services (LBSes) are increasing in popularity, but create many privacy concerns for users. LBSes usually rely on the same default privacy settings for all users. In this position paper, we claim that such settings are inappropriate for location sharing and that settings should instead rely on contextual information to recommend personalised privacy settings for users. We present results of an initial user study (n=80) to corroborate this position, and suggest avenues for further research.PostprintPeer reviewe

Transparent interaction; dynamic generation: context histories for shared science

Scientists who do in silico or computer-based experiments use general purpose computer tools, like Web browsers and word processors to carry out their tasks. As such, they have no formal file management support for collecting, coordinating, annotating and reflecting on their digital experimental traces. In this presentation we look at how we are exploring the use of implicit context histories to support scientists with both formal and everyday collaborations. We describe our goal to utilize the non-intrusive discovery and use of implicit contexts generated by task-based interactions in order to represent back, on demand, how one file or collection may be related to another. Such annotatable reports can then either be shared or used as inputs for further service requests for selected data

Safe and Sound: a safety-critical approach to security

This paper firstly argues that the design of security applications needs to consider more than technical elements. Since almost all security systems involve human users as well as technology, security should be considered, and designed as, a socio-technical work system. Secondly, we argue that safety-critical systems design has similar goals and issues to security design, and should thus provide a good starting point. Thirdly, we identify Reason's (1990) Generic Error Modeling System as the most suitable starting point for a socio-technical approach, and demonstrate how its basic elements can be applied to the domain of information security. We demonstrate how the application of the model's concepts, especially the distinction between active and latent failures, offers an effective way of identifying and addressing security issues that involve human behavior. Finally, we identify strengths and weaknesses of this approach, and the requirement for further work to produce a security-specific sociotechnical design framework

"Ten strikes and you're out": Increasing the number of login attempts can improve password usability

Many users today are struggling to manage an increasing number of passwords. As a consequence, many organizations face an increasing demand on an expensive resource -- the system administrators or help desks. This paper suggests that re-considering the "3- strikes" policy commonly applied to password login systems would be an immediate way of reducing this demand. We analyzed 10 weeks worth of system logs from a sample of 386 users, whose login attempts were not restricted in the usual manner. During that period, only 10% of login attempts failed. We predict that requests for password reminders could be reduced by up to 44% by increasing the number of strikes from 3 to ten

Shoulder Surfing Defence for Recall-based Graphical Passwords

Graphical passwords are often considered prone to shouldersurfing attacks, where attackers can steal a user‟s password by peeking over his or her shoulder in the authentication process. In this paper, we explore shoulder surfing defence for recall-based graphical password systems such as Draw-A-Secret and Background Draw-A-Secret, where users doodle their passwords (i.e. secrets) on a drawing grid. We propose three innovative shoulder surfing defence techniques, and conduct two separate controlled laboratory experiments to evaluate both security and usability perspectives of the proposed techniques. One technique was expected to work to some extent theoretically, but it turned out to provide little protection. One technique provided the best overall shoulder surfing defence, but also caused some usability challenges. The other technique achieved reasonable shoulder surfing defence and good usability simultaneously, a good balance which the two other techniques did not achieve. Our results appear to be also relevant to other graphical password systems such as Pass-Go