User Managed Access: User Interface

Session topic: User-Managed Access Authorization Manager UX Study (W3E)

Convener: Maciej Wolniak, Lukasz Moren (Newcastle University)

Notes-taker(s): Maciej Machulak

Tags for the session - technology discussed/ideas considered:

Discussion notes, key understandings, outstanding questions, observations, and, if appropriate to this discussion: action items, next steps:

Maciej presented the UX study on the UMA Authorization Manager. First, introduction on UMA, then description of the research study, the description of the 1st version of AM, then research results, then the new AM and conclusions.

Research study:

Learnability, efficiency, memorability, errors recovery, satisfaction

- this are the usability factors that have been assessed.
 * 34 participants
 * men and women, age 19-50
 * questionnaire-based: interviews and online form
 * sample task
 * participants’ feedback

Study results:

users found the manager complex due to many steps in the process
 * confusing colour scheme
 * respondents reported the layout to be comprehensible
 * they stated it could have been better
 * major flaw, confusing headlines


 * illogical layout - elements do not correspond with the steps of the task
 * counter intuitive – drag boxes
 * accordion module
 * vague form fields
 * lack of colours
 * more help requested

Based on the initial research study, the following user-required improvements have been defined:
 * more intuitive
 * more logical
 * more visual
 * more colours
 * more precise form fields

Then, the new Authorization Manager (SMART AM V2.0) is shown - the previously defined sample task is shown using the new UI - there’s a small difference in comparison to the earlier task - resources are not registered at the AM but are registered from the Host application (e.g. user clicks the Share button).

Question: Was that the conscious choice to have all the information when defining a policy on a single screen?

Answer: Yes, this was to provide a user with a consistent and easy to use UI. At this point of time, there’s only a minimum amount of information that can be managed at the AM. If we wanted to introduce additional features (e.g. calendar to specify that permissions are valid for a certain period of time) then we would probably for a wizard-like screen.

Comment: There's a necessity to evaluate the understanding of the Authorization Manager, not only the usability. The usability might be good but the understanding might be low (because UMA is quite a new model and may be confusing for the users).

Lessons learnt from the UX study:
 * keep the UI simple
 * emphasise key features
 * show only necessary options
 * indicate current stage in the cycle

When the user clicks on Share being at the Host then he knows the context of the actions he performs (i.e. in the previous SMART AM the user would register resources from the AM side and not from the Host side).

Newcastle University team plans to continue the work on the Authorization Manager:
 * conducting another UX research
 * include at least the same number of participants (preferably more)
 * perform a new user evaluation study based on the new user interface
 * apply the same questionnaire – try thinking aloud method or voice recording

There's a necessity for heuristic evaluation - small number of usability experts assesing the UI (3-4 people).

You can check out http://www.smartam.net and comment futher. It would be great to provide more integration points between the host and the AM..