Clare-Marie Karat

Patterns of entry and correction in large vocabulary continuous speech recognition systems

A study was conducted to evaluate user performance andsatisfaction in completion of a set of text creation tasks usingthree commercially available continuous speech recognition systems.The study also compared user performance on similar tasks usingkeyboard input. One part of the study (Initial Use) involved 24users who enrolled, received training and carried out practicetasks, and then completed a set of transcription and compositiontasks in a single session. In a parallel effort (Extended Use),four researchers used speech recognition to carry out real worktasks over 10 sessions with each of the three speech recognitionsoftware products. This paper presents results from the Initial Usephase of the study along with some preliminary results from theExtended Use phase. We present details of the kinds of usabilityand system design problems likely in current systems and severalcommon patterns of error correction that we found.

Privacy-aware role-based access control

In this article, we introduce a comprehensive framework supporting a privacy-aware access control mechanism, that is, a mechanism tailored to enforce access control to data containing personally identifiable information and, as such, privacy sensitive. The key component of the framework is a family of models (P-RBAC) that extend the well-known RBAC model in order to provide full support for expressing highly complex privacy-related policies, taking into account features like purposes and obligations. We formally define the notion of privacy-aware permissions and the notion of conflicting permission assignments in P-RBAC, together with efficient conflict-checking algorithms. The framework also includes a flexible authoring tool, based on the use of the SPARCLE system, supporting the high-level specification of P-RBAC permissions. SPARCLE supports the use of natural language for authoring policies and is able to automatically generate P-RBAC permissions from these natural language specifications. In the article, we also report performance evaluation results and contrast our approach with other relevant access control and privacy policy frameworks such as P3P, EPAL, and XACML.

The evolution of user-centered focus in the human-computer interaction field

About 20 years have passed since the first conferences dedicated to human-computer interaction (HCI) were held. In that time many changes have occurred in how we think about making use of data gathered from users of technology to guide the process of designing and developing new hardware and software systems. Throughout this process there has been a productive dialog among academic and industry-based researchers and usability engineering practitioners. Academic research has provided insights into methods for understanding and modeling user behavior, and industry has provided a wide range of exciting technologies for consideration by researchers in HCI. This paper looks at the evolution of the field from the behavioral science perspective. We consider the evolution of the field within professional groups, such as the Association for Computing Machinery Special Interest Group on Computer-Human Interaction (ACM SIGCHI) and the International Federation for Information Processing Technical Committee (IFIP TC13), academic departments (primarily in computer science departments), and industry (primarily within IBM). In this paper we offer a view of this journey of 20 years, along with some visions and challenges of the future.

Usable security and privacy: a case study of developing privacy management tools

Privacy is a concept which received relatively little attention during the rapid growth and spread of information technology through the 1980s and 1990s. Design to make information easily accessible, without particular attention to issues such as whether an individual had a desire or right to control access to and use of particular information was seen as the more pressing goal. We believe that there will be an increasing awareness of a fundamental need to address privacy concerns in information technology, and that doing so will require an understanding of policies that govern information use as well as the development of technologies that can implement such policies. The research reported here describes our efforts to design a privacy management workbench which facilitates privacy policy authoring, implementation, and compliance monitoring. This case study highlights the work of identifying organizational privacy requirements, analyzing existing technology, on-going research to identify approaches that address these requirements, and iteratively designing and validating a prototype with target users for flexible privacy technologies.

User Attitudes Regarding a User-Adaptive eCommerce Web Site

Despite an abundance of recommendations by researchers and more recently by commercial enterprises for adaptive interaction techniques and technologies, there exists little experimental validation of the value of such approaches to users. We have conducted user studies focussed on the perceived value of a variety of personalization features for an eCommerce Web site for computing machinery sales and support. Our study results have implications for the design of user-adaptive applications. Interesting findings include unenthusiastic user attitudes toward system attempts to infer user needs, goals, or interests and to thereby provide user-specific adaptive content. Users also expressed equivocal opinions of collaborative filtering for the specific eCommerce scenarios we studied; thus personalization features popular in one eCommerce environment may not be effective or useful for other eCommerce domains. Users expressed their strong desire to have full and explicit control of data and interaction. Lastly, users want readily to be able to make sense of site behavior, that is, to understand a site’s rationale for displaying particular content.

Privacy in information technology: designing to enable privacy policy management in organizations

As information technology continues to spread, we believe that there will be an increasing awareness of a fundamental need to address privacy concerns, and that doing so will require an understanding of policies that govern information use accompanied by development of technologies that can implement such policies. The research reported here describes our efforts to design a system which facilitates privacy policy authoring, implementation, and compliance monitoring. We employed a variety of user-centered design methods with 109 target users across the four steps of the research reported here. This case study highlights the work of identifying organizational privacy requirements, iteratively designing and validating a prototype with target users, and conducting laboratory tests to guide specific design decisions to meet the needs of providing flexible privacy enabling technologies. Each of the four steps in our work is identified and described, and directions for future work in privacy are suggested.

Personalizing the user experience on ibm.com

In this paper, we describe the results of an effort to first understand the value of personalizing a Web site, as perceived by the visitors to the site as well as by the stakeholder organization that owns it, and then to develop a strategy for introducing personalization to the ibm.com Web site. We started our investigation by conducting literature reviews, holding brainstorming sessions with colleagues around the world, and performing heuristic usability evaluations of several relevant Web sites. We adopted a User-Centered Design approach and conducted a number of usability studies applied to the subset of the ibm.com Web site that business customers use for all aspects of purchase, service, and support of computer equipment. These studies employed a number of low- and medium- fidelity prototypes that we developed for this purpose. Our proposal for personalizing ibm.com consists of a set of 12 personalization features, selected for the value they offer to customers and to the business.

Evaluating interfaces for privacy policy rule authoring

Privacy policy rules are often written in organizations by a team of people in different roles. Currently, people in these roles have no technological tools to guide the creation of clear and implementable high-quality privacy policy rules. High-quality privacy rules can be the basis for verifiable automated privacy access decisions. An empirical study was conducted with 36 users who were novices in privacy policy authoring to evaluate the quality of rules created and user satisfaction with two experimental privacy authoring tools and a control condition. Results show that users presented with scenarios were able to author significantly higher quality rules using either the natural language with a privacy rule guide tool or a structured list tool as compared to an unguided natural language control condition. The significant differences in quality were found in both user self-ratings of rule quality and objective quality scores. Users ranked the two experimental tools significantly higher than the control condition. Implications of the research and future research directions are discussed.

Usability challenges in security and privacy policy-authoring interfaces

Policies, sets of rules that govern permission to access resources, have long been used in computer security and online privacy management; however, the usability of authoring methods has received limited treatment from usability experts. With the rise in networked applications, distributed data storage, and pervasive computing, authoring comprehensive and accurate policies is increasingly important, and is increasingly performed by relatively novice and occasional users. Thus, the need for highly usable policy-authoring interfaces across a variety of policy domains is growing. This paper presents a definition of the security and privacy policy-authoring task in general and presents the results of a user study intended to discover some usability challenges that policy authoring presents. The user study employed SPARCLE, an enterprise privacy policy-authoring application. The usability challenges found include supporting object grouping, enforcing consistent terminology, making default policy rules clear, communicating and enforcing rule structure, and preventing rule conflicts. Implications for the design of SPARCLE and of user interfaces in other policy-authoring domains are discussed.

Productivity, satisfaction, and interaction strategies of individuals with spinal cord injuries and traditional users interacting with speech recognition software

Abstract.Speech recognition is an important technology that is becoming increasingly effective for dictation-oriented activities. While recognition accuracy has increased dramatically in recent years, recent studies confirm that traditional computer users are still faster using a keyboard and mouse and spend more time correcting errors than dictating. Further, as these users become more experienced they frequently adopt multimodal strategies that require the keyboard and mouse when correcting errors. While speech recognition can be a convenient alternative for traditional computer users, it can be a powerful tool for individuals with physical disabilities that limit their ability to use a keyboard and mouse. However, research into the performance, satisfaction, and usage patterns of individuals with physical disabilities has not been reported. In this article, we report on a study that provides initial insights into the efficacy of existing speech recognition systems with respect to individuals with physical disabilities. Our results confirm that productivity does not differ between traditional users and those with physical disabilities. In contrast, numerous differences were observed when users rated their satisfaction with the system and when usage patterns were analyzed.