This report outlines the history of the Purdue Online Writing Lab (OWL) and details the OWL Usability Project through the summer of 2006. The paper also discusses test methodologies,  describes test methods, provides participant demographics, and presents findings and recommendations of the tests. The purpose of this report is to provide researchers,  administrators, and pedagogues interested in usability and Writing Labs access to information on the Purdue OWL Usability Project. We hope our findings—and this open source approach to our research—will contribute positively to the corpus on usability and Writing Lab studies.
  On August 26, 2005, the Writing Lab launched its redesigned OWL. Although the redesign improved on the original site (launched in 1994), tests show the new OWL could be refined to improve usability.
  A pilot usability test conducted in early February 2006 showed participants did not understand all the OWL resources and were sometimes confused while using the OWL. Based on the results of the pilot test, we conducted two generations (G1 and G2) of formal usability tests between late February and early July 2006. The results of the tests indicate the following: 
  • Participants who had previously used OWL preferred the redesigned OWL to the original OWL
  However:  • Participants wanted design features the redesigned OWL does not currently offer • Participants took time and number of mouse clicks to complete some tasks than expected • Participants could not complete some tasks • Some participants’ responses to the redesigned OWL were neutral, which does not represent the positive impression the Writing Lab desires for its new OWL.
  In addition to the results above, we also encountered two unexpected, but very important,  findings: first, usability testing can work as a dynamic, user-centered method of invention;  second, previous and new user impressions of the OWL are different. Participants who visited the old OWL and the new OWL reacted more positively than those participants who had not visited the old OWL. We interpret this data as a sign of success for the new OWL. Based on test data, we recommend: 
  1. Design links/pages around the types of visitors using the OWL (user-based taxonomy)  2. Move the navigation bar from the right side to the left side of the OWL 3. Add a search function 4. Incorporate graphical logos in the OWL Family of Sites homepage 5. Continue testing to measure usability and to generate new ideas for design and content.
  Online Writing Lab programmers have integrated some of these changes, and overall, we believe the redesign is a success. Test participants call the new site “impressive” and “a great site.”  Participant attitudes are probably best described by this unsolicited comment: “It still needs work, but it’s better than the old site!” Theory-based, data-driven updates on the redesign continue, and usability testing will work to help the Writing Lab and its OWL users. We believe that the information presented in this report, as well as other open-source venues connected with this project, can positively impact usability and Writing Lab studies and can serve as a guide to inform multidisciplinary research and cooperation.

Twenty years after the publication of Patricia Sullivan’s ldquoBeyond a narrow conception of usability testingrdquo in the IEEE Transactions on Professional Communication, three scholars - all Sullivan’s students - reflect on the history and development of usability testing and research. Following Sullivan, this article argues that usability bridges the divide between science and rhetoric and asserts that usability is most effective when it respects the knowledge-making practices of a variety of disciplines. By interrogating trends in usability method, the authors argue for a definition of usability that relies on multiple epistemologies to triangulate knowledge-making. The article opens with a brief history of the development of usability methods and argues that usability requires a balance between empirical observation and rhetoric. Usability interprets human action and is enriched by articulating context and accepting contingency. Usability relies on effective collaboration and cooperation among stakeholders in the design of technology. Ultimately, professional and technical communication scholars are best prepared to coin new knowledge with a long and wide view of usability.

A P2P computing environment can be an ideal platform for resource-sharing services in an organisation if it provides trust mechanisms. Current P2P technologies offer content-sharing services for non-sensitive public domains in the absence of trust mechanisms. The lack of sophisticated trust mechanisms in the current P2P environment has become a serious constraint for broader applications of the technology although it has great potential. Therefore in this work an approach for securing transactions in the P2P environment is introduced, and ways to incorporate an effective and scalable access control mechanism – role-based access control (RBAC) – into current P2P computing environments has been investigated, proposing two different architectures: requesting peer-pull (RPP) and ultrapeer-pull (UPP) architectures. To provide a mobile, session-based authentication and RBAC, especially in the RPP architecture, lightweight peer certificates (LWPCs) are developed. Finally, to prove the feasibility of the proposed ideas, the RPP and UPP RBAC architectures are implemented and their scalability and performance are evaluated.

Current approaches to access control on the Web servers do not scale to enterprise-wide systems because they are mostly based on individual user identities. Hence we were motivated by the need to manage and enforce the strong and efficient RBAC access control technology in large-scale Web environments. To satisfy this requirement, we identify two different architectures for RBAC on the Web, called user-pull and server-pull. To demonstrate feasibility, we implement each architecture by integrating and extending well-known technologies such as cookies, X.509, SSL, and LDAP, providing compatibility with current web technologies. We describe the technologies we use to implement RBAC on the Web in different architectures. Based on our experience, we also compare the tradeoffs of the different approaches.

As information systems develop into larger and more complex implementations, the need for survivability increases. Also, as the need to protect information systems becomes increasingly vital as new threats are identified each day, it becomes more and more difficult to build systems that will identify and recover from such threats. This is particularly pressing for distributed mission-critical systems, which cannot afford a letdown in functionality even though there are internal component failures or compromises with malicious codes, especially in a downloaded component from an extremal organization. Therefore, when using such a component, we should check to see if the source of the component is trusted and that the code has not been modified in an unauthorized manner since it was created. Furthermore, once we find failures or malicious codes in the component, we should fix those problems and recover the original functionality of the component in runtime so that we can support survivability in the mission-critical system. In this paper we define our definition of survivability, discuss the survivability challenges in component-sharing in a large distributed system, identify the static and dynamic survivability models, and discuss their trade-offs. Consequently, we propose novel approaches for component survivability in runtime. Finally, we prove the feasibility of our ideas by implementing component recovery against component failures and malicious codes.

Providing automated responses to security incidents in a distributed computing environment has been an important area of research. This is due to the inherent complexity of such systems that makes it difficult to eliminate all vulnerabilities before deployment and costly to rely on humans for responding to incidents in real time. Here we formalize the process of providing automated responses in a distributed system and the criterion for asserting global optimality of the responses. We show that reaching the globally optimal solution is an NP-complete problem. Therefore we design a genetic algorithm framework for searching for good solutions. In the search for optimality, we exploit the similarities among attacks, and use the knowledge learnt from previous attacks to guide future search. The mechanism is demonstrated on a distributed e-commerce system called Pet Store with injection of real attacks and is shown to improve the survivability of the system over the previously reported ADEPTS system.