Error Analysis of a Security-Oriented User Interface

摘要

User interfaces form a critical juncture between humans and computers. When the interface fails, the user fails, and the mission is lost. For example, in computer security applications, human-made configuration errors can expose entire systems to various forms of attack. To avoid interaction failures, a dependable user interface must facilitate user-task completion as quickly and as accurately as possible. Defects in the interface cause user errors (e.g., goal, plan, action and perception errors), that impinge on accuracy goals, and can lead to mission failure. This paper explores the causes of goal errors, asking what aspects of a user interface contribute to or detract from a users propensity to commit goal errors. A design principle (anchor-based subgoaling) was formulated for avoiding goal errors. Implementing this principle requires presenting the user with a salient representation, or anchor, of the goal state, and providing a framework to facilitate a users creation and pursuit of subgoals to complete a task. Two interfaces for setting user file permissions were tested: Windows XP and an alternative. The alternative supported anchor-based subgoaling, and Windows did not. Experiments with 24 human subjects demonstrated the increased effectiveness of the alternative interface, obtaining as much as a four-fold increase in accuracy in a representative user task, and a 94% reduction in the number of goal-error occurrences.