This year, in Vancouver, Work In Progress Posters session of SIG CHI Conference will feature three research projects of my graduate students.
San-Tsai Sun and his team-mates will present results of investigating the challenges web users face when using OpenID for authentication. They also designed a phishing-resistant, privacy-preserving browser add-on to provide a consistent and intuitive single sign-on user experience for average web users: OpenID-Enabled Browser: Towards Usable and Secure Web Single Sign-On.
Pooya Jaferian and Andreas Sotirakopoulos will present Heuristics for Evaluating IT Security Management Tools. The usability of IT security management (ITSM) tools is hard to evaluate by regular methods, making heuristic evaluation attractive. However, ITSM occurs within a complex and collaborative context that involves diverse stakeholders; this makes standard usability heuristics difficult to apply. We propose a set of ITSM usability heuristics that are based on activity theory and supported by prior research. We performed a study to compare the use of the ITSM heuristics to Nielsen’s heuristics for the evaluation of a commercial identity management system. Our preliminary results show that our new ITSM heuristics performed well in finding usability problems. However, we need to perform the study with more participants and perform more detailed analysis to precisely show the differences in applying the ITSM heuristics as compared to Nielsen’s heuristics.
Fahimeh Raja will present her research on Promoting A Physical Security Mental Model For Personal Firewall Warnings. We used an iterative process to design personal firewall warnings in which the functionality of a firewall is visualized based on a physical security mental model. We performed a study to determine the degree to which our proposed warnings are understandable for our participants, and the degree to which they convey the risks and encourage safe behavior as compared to warnings based on those from a popular personal firewall. Initial results show that our warnings facilitate the comprehension of warning information, better communicate risk, and increase the likelihood of safe behavior. Moreover, they provided participants with a better understanding of both the functionality of a personal firewall and the consequences of their actions.
My former postdoc Kirstie Hawkey has been involved in all the above work projects.