In this study, we tested the usability of database management software for end-users. To improve the usability, novel concept Filter based Access Control model (FBAC) and FBAC UI have been developed. We conducted a user test and analyzed the results. In the test, 40 users tried to solve two tasks: 20 used Role based Access Control Model (RBAC) UI, and the rest FBAC UI. In the results, almost no RBAC UI users could complete the tasks, but users who used FBAC completed 40%.
{"title":"Filter-based access control model: exploring a more usable database management","authors":"Nachi Ueno, Ryota Hashimoto, Hisaharu Ishii, Hiroyuki Makino, Yuzuru Kitayama","doi":"10.1145/1873561.1873564","DOIUrl":"https://doi.org/10.1145/1873561.1873564","url":null,"abstract":"In this study, we tested the usability of database management software for end-users. To improve the usability, novel concept Filter based Access Control model (FBAC) and FBAC UI have been developed. We conducted a user test and analyzed the results. In the test, 40 users tried to solve two tasks: 20 used Role based Access Control Model (RBAC) UI, and the rest FBAC UI. In the results, almost no RBAC UI users could complete the tasks, but users who used FBAC completed 40%.","PeriodicalId":157379,"journal":{"name":"Computer Human Interaction for Management of Information Technology","volume":"42 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2010-11-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129862128","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
This paper proposes that social navigation can solve many of the challenges facing user experience in collaborative systems. Three key values and three phases of design for social navigation support are identified. The values of social navigation support in collaboration are: discovery of new features; predicting the consequence of certain actions and decisions based on what other people have done previously; and conveying cultural context to meet the expectations of other members of the collaborative space. The phases are: collection of what other people have done; evaluation of consequences about the actions and decisions users can make; and presentation of the appropriate information to help the user with the best decision. The paper outlines how each value can be maximized through design at each phase. Examples are provided to illustrate that social navigation is ready to be integrated into collaboration tools to improve overall usability.
{"title":"Principles for applying social navigation to collaborative systems","authors":"Min Wu, C. Bowles","doi":"10.1145/1873561.1873563","DOIUrl":"https://doi.org/10.1145/1873561.1873563","url":null,"abstract":"This paper proposes that social navigation can solve many of the challenges facing user experience in collaborative systems. Three key values and three phases of design for social navigation support are identified. The values of social navigation support in collaboration are: discovery of new features; predicting the consequence of certain actions and decisions based on what other people have done previously; and conveying cultural context to meet the expectations of other members of the collaborative space. The phases are: collection of what other people have done; evaluation of consequences about the actions and decisions users can make; and presentation of the appropriate information to help the user with the best decision. The paper outlines how each value can be maximized through design at each phase. Examples are provided to illustrate that social navigation is ready to be integrated into collaboration tools to improve overall usability.","PeriodicalId":157379,"journal":{"name":"Computer Human Interaction for Management of Information Technology","volume":"6 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2010-11-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123892811","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
While trying to learn how to use current collaboration systems, users face many challenges, including difficulty trying out new features and experimenting without their actions affecting other users. This paper proposes an innovative approach to solve these problems by simulating the collaboration system. In this simulated environment, a user can: confirm the effect of certain actions on other people before performing the actions; check what information can be accessed by other users; and interact as another user to see if the user can perform tasks as expected. By simulating the collaboration with more than one person simultaneously, a user can test synchronous communication features using a single account. Integrating this solution into the current collaboration environment will improve the usability of collaboration software, and reduce users' reliance on administrators to support their collaboration interactions.
{"title":"Transparent collaboration: letting users simulate another user's world","authors":"C. Bowles, Min Wu","doi":"10.1145/1873561.1873568","DOIUrl":"https://doi.org/10.1145/1873561.1873568","url":null,"abstract":"While trying to learn how to use current collaboration systems, users face many challenges, including difficulty trying out new features and experimenting without their actions affecting other users. This paper proposes an innovative approach to solve these problems by simulating the collaboration system. In this simulated environment, a user can: confirm the effect of certain actions on other people before performing the actions; check what information can be accessed by other users; and interact as another user to see if the user can perform tasks as expected. By simulating the collaboration with more than one person simultaneously, a user can test synchronous communication features using a single account. Integrating this solution into the current collaboration environment will improve the usability of collaboration software, and reduce users' reliance on administrators to support their collaboration interactions.","PeriodicalId":157379,"journal":{"name":"Computer Human Interaction for Management of Information Technology","volume":"24 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2010-11-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125454061","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
This paper explores the need for a collaborative development tool to allow information security experts to capture their interrelated knowledge in an ontology. Such a tool would enable organisations to make more informed security policy decisions around shared security issues. However, population of ontologies can be time-consuming and error-prone, and current collaborative ontology editing tools require a familiarity with ontology concepts. We present a Web-oriented tool which simplifies ontology population for information security experts, allowing them to develop ontology content without the need to understand ontology concepts. To understand how organisations manage information security knowledge within policies, we consulted two information security managers in large organisations. The Web-Protégé collaborative ontology editor was then modified to create a tool with an appropriate knowledge ontology structure that meets their requirements. The same information security managers then evaluated the tool, judging it to be accessible and potentially useful in policy decision-making.
{"title":"A collaborative ontology development tool for information security managers","authors":"John C. Mace, S. Parkin, A. Moorsel","doi":"10.1145/1873561.1873566","DOIUrl":"https://doi.org/10.1145/1873561.1873566","url":null,"abstract":"This paper explores the need for a collaborative development tool to allow information security experts to capture their interrelated knowledge in an ontology. Such a tool would enable organisations to make more informed security policy decisions around shared security issues. However, population of ontologies can be time-consuming and error-prone, and current collaborative ontology editing tools require a familiarity with ontology concepts. We present a Web-oriented tool which simplifies ontology population for information security experts, allowing them to develop ontology content without the need to understand ontology concepts. To understand how organisations manage information security knowledge within policies, we consulted two information security managers in large organisations. The Web-Protégé collaborative ontology editor was then modified to create a tool with an appropriate knowledge ontology structure that meets their requirements. The same information security managers then evaluated the tool, judging it to be accessible and potentially useful in policy decision-making.","PeriodicalId":157379,"journal":{"name":"Computer Human Interaction for Management of Information Technology","volume":"5 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2010-11-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133604963","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
In this paper, we identify the primary difficulties encountered when security systems include users in the decision-making process. We propose security system inquiry mechanisms, designed around file open dialogs and drag-and-drop interfaces, to increase the accuracy of information obtained from users while also maintaining a high level of user inclusiveness in security decisions. We note that, although it has been previously shown that many users are inherently bad at making final security decisions, useful information regarding user intent can be accurately obtained by using our inquiry mechanisms. In particular, inquiry mechanisms that parallel the actions within applications the user actually intends to perform prompt the user in ways that are understandable and likely to receive accurate responses. We discuss how our system eliminates the traditional problems faced in security systems due to false positives and false negatives.
{"title":"Johnny can drag and drop: determining user intent through traditional interactions to improve desktop security","authors":"P. F. Wilbur, T. Deshane","doi":"10.1145/1873561.1873565","DOIUrl":"https://doi.org/10.1145/1873561.1873565","url":null,"abstract":"In this paper, we identify the primary difficulties encountered when security systems include users in the decision-making process. We propose security system inquiry mechanisms, designed around file open dialogs and drag-and-drop interfaces, to increase the accuracy of information obtained from users while also maintaining a high level of user inclusiveness in security decisions. We note that, although it has been previously shown that many users are inherently bad at making final security decisions, useful information regarding user intent can be accurately obtained by using our inquiry mechanisms. In particular, inquiry mechanisms that parallel the actions within applications the user actually intends to perform prompt the user in ways that are understandable and likely to receive accurate responses. We discuss how our system eliminates the traditional problems faced in security systems due to false positives and false negatives.","PeriodicalId":157379,"journal":{"name":"Computer Human Interaction for Management of Information Technology","volume":"50 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2010-11-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127490273","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
The management of IT involves the thoughtful consideration of the management of stakeholders' knowledge as information system success depends upon synergy between human and technical systems. In this paper particular attention is paid to the notion of frames, or frames of reference, held by the stakeholders of information systems and their effects on system adoption and use. A qualitative study is performed in the context of an engineering firm's adoption of a commercial ERP package. Findings suggest that besides frames of technology, the beliefs and perceptions that stakeholders have of each other influence their utilization of technological artifacts and influence the operation of information systems.
{"title":"People frames: the social construction of information systems","authors":"Le Db, Roux, Gp Le Roux","doi":"10.1145/1873561.1873562","DOIUrl":"https://doi.org/10.1145/1873561.1873562","url":null,"abstract":"The management of IT involves the thoughtful consideration of the management of stakeholders' knowledge as information system success depends upon synergy between human and technical systems. In this paper particular attention is paid to the notion of frames, or frames of reference, held by the stakeholders of information systems and their effects on system adoption and use. A qualitative study is performed in the context of an engineering firm's adoption of a commercial ERP package. Findings suggest that besides frames of technology, the beliefs and perceptions that stakeholders have of each other influence their utilization of technological artifacts and influence the operation of information systems.","PeriodicalId":157379,"journal":{"name":"Computer Human Interaction for Management of Information Technology","volume":"13 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2010-11-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121922315","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Today's networked users are required to configure a number of different network settings on their computer in order to access specific network based services. For example, these users need to know whether to enable a Virtual Private Network (VPN) tunnel and, in some cases, also select the appropriate wireless network. As more sophisticated security models are incorporated into networks, the user's task in managing these settings will become more complex.� This paper describes a design which simplifies the task of accessing network based services using a more user oriented, less technology centric task flow.
{"title":"Towards a task oriented method for accessing network based services","authors":"Nils Pedersen, P. Clark, Martine Freiberger","doi":"10.1145/1873561.1873567","DOIUrl":"https://doi.org/10.1145/1873561.1873567","url":null,"abstract":"Today's networked users are required to configure a number of different network settings on their computer in order to access specific network based services. For example, these users need to know whether to enable a Virtual Private Network (VPN) tunnel and, in some cases, also select the appropriate wireless network. As more sophisticated security models are incorporated into networks, the user's task in managing these settings will become more complex.\u0000 This paper describes a design which simplifies the task of accessing network based services using a more user oriented, less technology centric task flow.","PeriodicalId":157379,"journal":{"name":"Computer Human Interaction for Management of Information Technology","volume":"47 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2010-11-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126090884","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
This paper reports field research of Enterprise IT-Management Software deployments in corporate data centers. The observed deployments were complex, time-consuming and often did not provide tools and documentation that optimally supported IT Professionals' work. The findings highlight deployment work practices and challenges, and inform guidelines for designing deployment tools and documentation that support IT Professionals' work.
{"title":"IT-management software deployment: field findings and design guidelines","authors":"Lance Bloom, Nancy Clark","doi":"10.1145/1477973.1477985","DOIUrl":"https://doi.org/10.1145/1477973.1477985","url":null,"abstract":"This paper reports field research of Enterprise IT-Management Software deployments in corporate data centers. The observed deployments were complex, time-consuming and often did not provide tools and documentation that optimally supported IT Professionals' work. The findings highlight deployment work practices and challenges, and inform guidelines for designing deployment tools and documentation that support IT Professionals' work.","PeriodicalId":157379,"journal":{"name":"Computer Human Interaction for Management of Information Technology","volume":"25 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-11-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125403448","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
P. Jaferian, David Botta, F. Raja, K. Hawkey, K. Beznosov
An important factor that impacts the effectiveness of security systems within an organization is the usability of security management tools. In this paper, we present a survey of design guidelines for such tools. We gathered guidelines and recommendations related to IT security management tools from the literature as well as from our own prior studies of IT security management. We categorized and combined these into a set of high level guidelines and identified the relationships between the guidelines and challenges in IT security management. We also illustrated the need for the guidelines, where possible, with quotes from additional interviews with five security practitioners. Our framework of guidelines can be used by those developing IT security tools, as well as by practitioners and managers evaluating tools.
{"title":"Guidelines for designing IT security management tools","authors":"P. Jaferian, David Botta, F. Raja, K. Hawkey, K. Beznosov","doi":"10.1145/1477973.1477983","DOIUrl":"https://doi.org/10.1145/1477973.1477983","url":null,"abstract":"An important factor that impacts the effectiveness of security systems within an organization is the usability of security management tools. In this paper, we present a survey of design guidelines for such tools. We gathered guidelines and recommendations related to IT security management tools from the literature as well as from our own prior studies of IT security management. We categorized and combined these into a set of high level guidelines and identified the relationships between the guidelines and challenges in IT security management. We also illustrated the need for the guidelines, where possible, with quotes from additional interviews with five security practitioners. Our framework of guidelines can be used by those developing IT security tools, as well as by practitioners and managers evaluating tools.","PeriodicalId":157379,"journal":{"name":"Computer Human Interaction for Management of Information Technology","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-11-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131306863","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Healthcare organizations are struggling to meet industry best practices for information security as well as complying with regulatory requirements. Single sign-on technology is emerging as a leading technology for password authentication management and promises to improve security while curbing system maintenance costs. While the technology seems to be a simple viable solution for authentication, when placed in context, many socio-technical complexities emerge. One of these complexities is that of the mismatch between the users' mental models and the system model.� This study was a 15-month ethnographic field study that followed the implementation of a single sign-on system in a hospital environment. It resulted in the finding that the misaligned mental models caused difficulties not only for the user but for the system administrators. The findings also indicate that not only was the user's mental model of the technology inaccurate, but the presentation of the technology by the information technology group contributed to this misaligned understanding. The end result was dissatisfaction with the new technology for both end users and the system administrators.� In order to address the critical issue of mental model misalignment in the implementation of SSO technology, practitioners must first gain an understanding of the preexisting mental models had by the target users regarding authentication and then use this information to guide implementation of the new technology.
{"title":"Network authentication using single sign-on: the challenge of aligning mental models","authors":"Rosa R. Heckle, W. Lutters, David Gurzick","doi":"10.1145/1477973.1477982","DOIUrl":"https://doi.org/10.1145/1477973.1477982","url":null,"abstract":"Healthcare organizations are struggling to meet industry best practices for information security as well as complying with regulatory requirements. Single sign-on technology is emerging as a leading technology for password authentication management and promises to improve security while curbing system maintenance costs. While the technology seems to be a simple viable solution for authentication, when placed in context, many socio-technical complexities emerge. One of these complexities is that of the mismatch between the users' mental models and the system model.\u0000 This study was a 15-month ethnographic field study that followed the implementation of a single sign-on system in a hospital environment. It resulted in the finding that the misaligned mental models caused difficulties not only for the user but for the system administrators. The findings also indicate that not only was the user's mental model of the technology inaccurate, but the presentation of the technology by the information technology group contributed to this misaligned understanding. The end result was dissatisfaction with the new technology for both end users and the system administrators.\u0000 In order to address the critical issue of mental model misalignment in the implementation of SSO technology, practitioners must first gain an understanding of the preexisting mental models had by the target users regarding authentication and then use this information to guide implementation of the new technology.","PeriodicalId":157379,"journal":{"name":"Computer Human Interaction for Management of Information Technology","volume":"64 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-11-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126255813","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: