User interface dependability through goal-error prevention

User interfaces form a critical coupling between humans and computers. When the interface fails, the user fails, and the mission is lost. For example, in computer security applications, human-made configuration errors can expose entire systems to various forms of attack. To avoid interaction failures, a dependable user interface must facilitate the speedy and accurate completion of user tasks. Defects in the interface cause user errors (e.g., goal, plan, action and perception errors), which impinge on speed and accuracy goals, and can lead to mission failure. One source of user error is poor information representation in the interface. This can cause users to commit a specific class of errors: goal errors. A design principle (anchor-based subgoaling) for mitigating this cause was formulated. The principle was evaluated in the domain of setting Windows file permissions. The native Windows XP file permissions interface, which did not support anchor-based subgoaling, was compared to an alternative, called Salmon, which did. In an experiment with 24 users, Salmon achieved as much as a four-fold increase in accuracy for a representative task and a 94% reduction in the number of goal errors committed, compared to the XP interface.
