Thursday, March 26, 2009

The Goals of HCISec

HCI has its own set of goals, as does information security with its best practices. From my reading, combining HCI goals with information security should produce systems that are usable, functional, secure and safe.

To do so, researchers, developers and engineers must attempt to understand the factors that determine how people use technology, and then achieve efficient, effective and safe interaction.

Monday, March 23, 2009

W2SP 2009: Web 2.0 Security and Privacy 2009 - Workshop Call for Papers

http://w2spconf.com/2009/

Workshop Call for Papers
W2SP 2009: Web 2.0 Security and Privacy 2009
Thursday, May 21
The Claremont Resort, Oakland, California

Previous W2SP Workshops: 2008, 2007


The goal of this one day workshop is to bring together researchers and practitioners from academia and industry to focus on understanding Web 2.0 security and privacy issues, and establishing new collaborations in these areas.

Web 2.0 is about connecting people and amplifying the power of working together. Enabled by a wave of new technology, these social and business interactions rely on composition of content and services from multiple sources, commonly called mash-ups, leading to systems with complex trust boundaries. This trend is likely to continue because individuals and businesses desire the efficiency and simplicity these technologies offer.

Together with their virtues, these technologies raise issues about management of identities, reputation, privacy, anonymity, transient and long term relationships, and composition of function and content, both on the server and on the client (web browser). Although the underlying security and privacy issues are not new, the use of these technologies on a wide scale and by a broad audience raises new questions. This workshop is intended to discuss the limitations of current technologies and explore alternatives.

The scope of W2SP 2009 includes, but is not limited to:

  • Trustworthy cloud-based services
  • Privacy and reputation in social networks
  • Usable security and privacy
  • Security for the mobile web
  • Identity management and pseudonymity
  • Advertisement and affiliate fraud
  • Provenance and governance
  • Security and privacy as a service
  • Web services/feeds/mashups
  • Security and privacy policies for composable content
  • Next-generation browser technology
Potential workshop participants should submit a paper on topics relevant to Web 2.0 security and privacy issues. We are seeking both short position papers (2–4 pages) and refereed papers (a maximum of 8 pages). Papers longer than 8 pages may be automatically rejected by the chair or workshop committee. From the submissions, the program committee will strive to balance participation between academia and industry and across topics. Selected papers will appear on the workshop web site.

Workshop Co-Chairs

  • Larry Koved (IBM Research)
  • Dan S. Wallach (Rice University)

Program Chair

  • Adam Barth (UC Berkeley)

Program Committee

  • Ben Adida (Harvard University)
  • Dirk Balfanz (PARC)
  • Adam Barth (UC Berkeley)
  • Konstantin (Kosta) Beznosov
  • Suresh Chari (IBM Research)
  • Hao Chen (UC Davis)
  • Douglas Crockford (Yahoo)
  • Chris Karlof (UC Berkeley)
  • Larry Koved (IBM Research)
  • Shriram Krishnamurthi (Brown University)
  • Collin Jackson (Stanford University)
  • Rob Johnson (Stony Brook University)
  • John C. Mitchell (Stanford University)
  • Sean W. Smith (Dartmouth University)
  • Helen Wang (Microsoft Research)
  • Dan S. Wallach (Rice University)

Important Dates

Paper submission deadline: March 6, 2009, (11:59pm US-Eastern)
Workshop acceptance notification date: March 31, 2009
Workshop date: Thursday, May 21, 2009

Workshop paper submission web site: To be announced.

SOUPS 2009 - CALL FOR PAPERS

CALL FOR PAPERS -- SOUPS 2009
Symposium On Usable Privacy and Security
July 15-17, 2009
Google, Mountain View, CA USA
http://cups.cs.cmu.edu/SOUPS/

The 2009 Symposium on Usable Privacy and Security (SOUPS) will bring
together an interdisciplinary group of researchers and practitioners
in human computer interaction, security, and privacy. The program will
feature technical papers, a poster session, panels and invited talks,
discussion sessions, and in-depth sessions (workshops and
tutorials). Detailed information about technical paper submissions
appears below. For information about other submissions please see the
SOUPS web site http://cups.cs.cmu.edu/soups/2009/cfp.html.

TECHNICAL PAPERS

We invite authors to submit original papers describing research or
experience in all areas of usable privacy and security. Topics
include, but are not limited to:

* innovative security or privacy functionality and design,
* new applications of existing models or technology,
* field studies of security or privacy technology,
* usability evaluations of security or privacy features or security
testing of usability features, and
* lessons learned from deploying and using usable privacy
and security features.

All submissions must relate to both usability and either security or
privacy. Papers on security or privacy applications that do not
address usability or human factors will not be considered.

Papers need to describe the purpose and goals of the work completed to
date, cite related work, show how the work effectively integrates
usability and security or privacy, and clearly indicate the innovative
aspects of the work or lessons learned as well as the contribution of
the work to the field. Submitted papers must not substantially overlap
papers that have been published or that are simultaneously submitted
to a journal or a conference with proceedings. Accepted papers will
appear in the ACM Digital Library as part of the ACM International
Conference Proceedings Series. The technical papers committee will
select an accepted paper to receive the SOUPS 2009 best paper award.

Papers may be up to 12 pages in length including bibliography,
appendices, and figures, using the SOUPS proceedings template on the
SOUPS web site. All submissions must be in PDF format and should not
be blinded. In addition, you must cut and paste an abstract of no more
than 300 words onto the submission form.

Submit your paper using the electronic submissions page for the SOUPS
2009 conference (http://cups.cs.cmu.edu/soups/2009/submit.html). A
successful submission will display a web page confirming it, and a
confirmation email is sent to the corresponding author. Please make
sure you receive that confirmation email when you submit, and follow
the directions in that email if you require any follow up.

Technical paper submissions will close at midnight, US East Coast
time, the evening of Friday, February 27. This is a hard deadline!
Authors will be notified of technical paper acceptance by April 20,
and camera ready final versions of technical papers are due May 29.

General Chair:
Lorrie Cranor, Carnegie Mellon University

Interactive and In-Depth Session Chairs:
Konstantin Beznosov, University of British Columbia
Ka-Ping Yee, Google.org

Posters Co-Chairs:
Dirk Balfanz, Google
Rob Miller, Massachusetts Institute of Technology

Technical Papers Co-Chairs:
Simson L. Garfinkel, Naval Postgraduate School
Andrew Patrick, National Research Council Canada

Technical Papers Committee
Steven Bellovin, Columbia University
Robert Biddle, Carleton University
Jose Brustoloni, University of Pittsburgh
L. Jean Camp, Indiana University
Bill Cheswick, AT&T Research
Rachna Dhamija, Usable Security Systems
Roger Dingledine, The Tor Project
Carl Ellison, Microsoft
Harry Hochheiser, Towson University
Markus Jakobsson, PARC
Audun Jøsang, University of Oslo
Clare-Marie Karat, IBM
Rob Miller, MIT
Rob Reeder, Microsoft
Karen Renaud, University of Glasgow
Angela Sasse, University College London
Stuart Schechter, Microsoft
Diana Smetters, PARC
Paul Van Oorschot, Carleton University
Hao-Chi Wong, Intel
Mary Ellen Zurko, IBM

CodeCon 2009 - Call For Presentations

CodeCon 2009
April 17-19, 2009
San Francisco CA, USA
www.codecon.org

Call For Presentations

CodeCon is the premier showcase of cutting edge software development. It
is an excellent opportunity for programmers to demonstrate their work and
keep abreast of what's going on in their community.

All presentations must include working demonstrations, ideally accompanied
by source code. Presentations must be done by one of the active developers
of the code in question. We emphasize that demonstrations be of *working*
code.

We hereby solicit papers and demonstrations.

* Papers and proposals due: February 15, 2009
* All Authors notified: March 1, 2009

Possible topics include, but are by no means restricted to:

* community-based web sites - forums, weblogs, personals
* development tools - languages, debuggers, version control
* file sharing systems - swarming distribution, distributed search
* security products - mail encryption, intrusion detection, firewalls
* malware analysis - detection, compensation, and mitigation of
emerging threats

--

As a new feature this year, CodeCon will be presenting a Biohack! track.
While we will continue our tradition of presenting only one talk at a
time, a portion of one of the days' talks will be reserved for interesting
biotechnology hacking projects. A key requirement for these presentations
is ease of reproduction with minimal access to expensive laboratory
equipment.

Example topics include:

* Purifying DNA using common household items
* Developing genetically-modified bacteria in a kitchen laboratory
* Using specially-designed software to assist in bioengineering
* The use of simple bioengineering techniques to solve real-world
problems.

Ideal Biohack! Track submissions will have a strong emphasis on the
"hack" portion of the talk -- in the last few years, there has been a
strong growth in the community of biology hackers; we aim to bring these
hackers together to discuss their techniques for inexpensive, at home
experimentation in biological engineering research.

--

Presentations will be 30 minutes long, with an additional 15 minutes
allocated for Q&A. Overruns will be truncated.

Submission details:

Submissions are being accepted immediately. Acceptance dates are
February 7th and March 1st. After the first acceptance date, submissions
will be either accepted, rejected, or deferred to the second acceptance
date.

The conference language is English.

The conference venue is open to all ages.

Ideally, technical demonstrations should be usable by attendees with
802.11b connected devices either via a web interface, or locally on
Windows, UNIX-like, or MacOS platforms. Cross-platform applications are
most desirable. Biohacking demonstrations should be viewable with a
presenter-provided camera, or prepared movies for projection.


To submit, send mail to submissions-2009@... including the
following information:

* Project name
* Code track or Biohack! track
* url of project home page
* tagline - one sentence or less summing up what the project does
* names of presenter(s) and urls of their home pages, if they have any
* one-paragraph bios of presenters, optional, under 100 words each
* project history, under 150 words
* what makes the project novel -- how it differs from similar projects
* what will be done in the project demo, under 200 words
* slides to be shown during the presentation, if applicable
* future plans

General Chairs: Jonathan Moore and Bram Cohen
Program Chairs: Jered Floyd and Len Sassaman

Program Committee:

* Jon Callas, PGP, USA
* Bram Cohen, BitTorrent, USA
* Roger Dingledine, The Tor Project, USA
* Jered Floyd, Permabit, USA
* Ben Laurie, Google, UK
* Nick Mathewson, The Tor Project, USA
* David Molnar, University of California, Berkeley, USA
* Jonathan Moore, Mosuki, USA
* Meredith L. Patterson, Osogato, USA
* Andrew S. Peek, Integrated DNA Technologies, USA
* Len Sassaman, Katholieke Universiteit Leuven, BE
* Cliff Skolnick
* Paul Syverson, Naval Research Laboratory, USA
* [Others may be added]

Sponsorship:

If your organization is interested in sponsoring CodeCon, we would love to
hear from you. In particular, we are looking for sponsors for social meals
and parties on any of the three days of the conference, as well as
sponsors of the conference as a whole and donors of door prizes. If you
might be interested in sponsoring any of these aspects, please contact the
conference organizers at codecon2009@...

Press policy:

CodeCon provides a limited number of passes to qualifying press.
Complimentary press passes will be evaluated on request. Everyone is
welcome to pay the low registration fee to attend without an official
press credential.

Questions:

If you have questions about CodeCon, or would like to contact the
organizers, please mail codecon2009@.... Please note this address
is only for questions and administrative requests, and not for workshop
presentation submissions.

Tuesday, March 17, 2009

Heuristic Evaluation (Jakob Nielsen)

Heuristics are rules of thumb for reasoning, a simplification, or educated guess that reduces or limits the search for solutions in domains that are difficult and poorly understood. Unlike formal structures like algorithms, heuristics do not guarantee optimal, or even feasible, solutions and are often used with no theoretical guarantee.

Jakob Nielsen, Heuristic Evaluation

1. Visibility of system status

The system should always keep users informed about what is going on, through appropriate feedback within reasonable time.

2. Match between system and the real world

The system should speak the users' language, with words, phrases, and concepts familiar to the user, rather than system-oriented terms. Follow real-world conventions, making information appear in natural and logical order.

3. User control and freedom

Users often choose system functions by mistake and will need a clearly marked "emergency exit" to leave the unwanted state without having to go through an extended dialogue. Support undo and redo.

4. Consistency and standards

Users should not have to wonder whether different words, situations, or actions mean the same thing. Follow platform conventions.

5. Error prevention

Even better than good error messages is a careful design which prevents a problem from occurring in the first place.

6. Recognition rather than recall

Make objects, actions and options visible. The user should not have to remember information from one part of the dialogue to another. Instructions for use of the system should be visible or easily retrievable whenever appropriate.

7. Flexibility and efficiency of use

Accelerators - unseen by the novice user - may often speed up the interaction for the expert user to such an extent that the system can cater to both inexperienced and experienced users. Allow users to tailor frequent actions.

8. Aesthetic and minimalist design

Dialogues should not contain information which is irrelevant or rarely needed. Every extra unit of information in a dialogue competes with the relevant units of information and diminishes their relative visibility.

9. Help users recognize, diagnose, and recover from errors

Error messages should be expressed in plain language (no codes), precisely indicate the problem, and constructively suggest a solution.

10. Help and documentation

Even though it is better if the system can be used without documentation, it may be necessary to provide help and documentation. Any such information should be easy to search, focused on the user's task, list concrete steps to be carried out, and not be too large.

Friday, March 13, 2009

People in HCI - Dr Anne Adams

An infamous past acting in theatre and film led to years of work experience in Market Research. My reputation as a researcher was then saved by a degree in Psychology with IT. It was here that I realised computers can do quite useful things as long as they were designed for mere mortals to use them. I continued with this notion by studying an MSc in HCI (human computer interaction) at the UCL Interaction Centre [formerly known as the ergonomics group]. I furthered my knowledge with a PhD at UCL, CS & Psychology department. After a research fellow post at Middlesex University my quest to make computers work for people has now returned me to UCLIC.

Collaborations: I enjoy collaborating with others and have worked and written with: Angela Sasse (CS, UCL), Ann Blandford (UCLIC), Peter Lunt (Psychology, UCL), Patty Kostakova (City University), Simon Attfield (UCLIC), Bob Fields (Middlesex University), Jeanette Murphy (CHIME, UCL).

Students I have also written with are: Maria Nilsson, Catherine Broome.


Source: http://www.uclic.ucl.ac.uk/usr/anne/

People in HCI - José Carlos Brustoloni

José Carlos Brustoloni obtained his Ph.D. degree in Computer Science
from Carnegie Mellon University, after getting an M.S. degree in
Electrical Engineering from University of São Paulo, Brazil, and a B.E.
degree in Electronics Engineering from Instituto Tecnológico de
Aeronáutica, Brazil.

José joined the University of Pittsburgh's faculty in August of 2002.
Previously, he was a researcher at Bell Laboratories, Lucent
Technologies. His research interests include computer networks,
operating systems, security, quality of service, and embedded systems.

Source: http://www.cs.pitt.edu/people/faculty/brustoloni.php

Thursday, March 12, 2009

The Three Parts of HCI

There are three parts to HCI: the human (user), the computer, and the interaction between the user and the computer.

The user is the person or group that will be using the system (hardware or software). The computer is the device being used by the human; it can be hardware or software, such as a computer, a website or even a VCR. Lastly, the interaction between the user and the computer can be evaluated to determine how usable and reliable it is.

Wednesday, March 11, 2009

Multi-touch Technology

Multi-touch (or multitouch) denotes a set of interaction techniques which allow computer users to control graphical applications with several fingers.

Multi-touch consists of a touch screen (screen, table, wall, etc.) or touchpad, as well as software that recognizes multiple simultaneous touch points, as opposed to the standard touchscreen (e.g. computer touchpad, ATM), which recognizes only one touch point. This effect is achieved through a variety of means, including but not limited to: heat, finger pressure, high capture rate cameras, infrared light, optic capture, tuned electromagnetic induction, ultrasonic receivers, transducer microphones, laser rangefinders, and shadow capture[1].

Many applications for multi-touch interfaces exist and are being proposed. Multi-touch is often associated with Apple Inc's iPhone and iPod Touch but is also used in many other products such as Apple's MacBook and MacBook Pro notebook line. Other products with multi-touch technology include Microsoft Surface, Asus EEE PC, and Meizu M8.

Modern multi-touch controllers support Single-Touch and Multi-Touch All-Point touchscreen applications which allow functions such as playing video games on a mobile handset, using GPS to key in multiple locations, etc.

Source: http://en.wikipedia.org/wiki/Multi-touch

Here is an interesting video on it below:

Evaluation Techniques

Cognitive walk-through is a usability evaluation technique modeled after the software engineering practice of code walk-throughs. To perform a cognitive walk-through, the evaluators step through the use of the software as if they were novice users, looking for probable errors and areas of confusion.

In heuristic evaluation the user interface is evaluated against a specific list of high-priority usability principles.

Problematic Properties of Security

The Unmotivated User Property
Security is usually a secondary goal. People do not generally sit at their computers wanting to manage security; rather, they want to complete a task that may tangentially involve security.

The Abstraction Property
Computer security management often involves security policies which may be alien and unintuitive to many members of the general user population. This makes achieving simple abstractions difficult.

The Lack of Feedback Property
Providing good feedback for security management is a difficult problem. The state of a security configuration is usually complex, and attempts to summarize it are often inadequate.

The Barn Door Property
Once a security secret has been left accidentally unprotected, even for a short time, there is no way to be sure that it has not already been read by an attacker. Because of this, a very high priority must be placed on making sure the user does not make potentially high-cost mistakes.

The Weakest Link Property
It is well known that the security of a networked computer is only as strong as its weakest component. This means that users need to be guided to attend to all aspects of their security, not left to proceed through random exploration as they might with a word processor or spreadsheet.

Monday, March 9, 2009

People in HCI

Simson L. Garfinkel is well known in the world of information security and computer forensics, and he has also made a name for himself in the Human Computer Interaction (HCI) community. His bio is included below, along with a link to his website.

Simson Garfinkel’s Bio

Simson L. Garfinkel is an Associate Professor at the Naval Postgraduate School in Monterey, California, and an associate of the School of Engineering and Applied Sciences at Harvard University. His research interests include computer forensics, the emerging field of usability and security, personal information management, privacy, information policy and terrorism.

Source: http://faculty.nps.edu/slgarfin/index.html

Symposium On Usable Privacy and Security

The fifth Symposium on Usable Privacy and Security (SOUPS) will be held July 15-17, 2009 at Google in Mountain View, CA. This symposium will bring together an interdisciplinary group of researchers and practitioners in human computer interaction, security, and privacy. The program features technical papers, workshops and tutorials, a poster session, panels and invited talks, and discussion sessions.

SOUPS 2009 Highlights

During this three-day event, you'll have an opportunity to hear from people doing cutting edge research as well as from industry folks who will report on their first hand experiences with usable privacy and security challenges. The popular SOUPS poster session as well as social events, breaks, and discussion sessions will provide opportunities to share ideas and network with other participants.

A SOUPS preliminary program will be available in April 2009.

SOUPS 2009 will be held on the Google campus. Accommodations have been reserved for SOUPS attendees at a nearby hotel.

Not Your Typical Conference

SOUPS distinguishes itself from other conferences by both providing a high quality technical program and by bringing together an interdisciplinary group of attendees in a format conducive to informal discussion and networking. SOUPS offers reasonable registration fees, which include meals catered by local restaurants featuring a variety of cuisines. Past attendees have raved about "the amazing group of people who were here to talk with" and the "awesome food." One past attendee wrote: "Overall, this is the best conference I've attended. I may be ruined forever going to SIGCHI and other larger conferences."


Source: http://cups.cs.cmu.edu/soups/2009/


Saturday, March 7, 2009

About HCISec

HCISec is the study of interaction between humans and computers, or HCI, specifically as it pertains to information security. Its aim, in plain terms, is to improve the usability of security features in end user applications.