First, we'll look at something like: at what level of
detail does the interface allow objects and actions to be separately manipulated?
What we're talking about here is how much detail is
shown to the user about a process that's going on.
For example, if a user's downloading an application from the Web, they can
click on a link, and then a whole series of pretty complicated steps takes place,
from making network connections, to implementing the internet protocols to
actually transfer the packets with that file to the users computer,
the downloading of those onto the users computer, their assembly, and
finally their creation into a coherent file.
If the user's task is just to download an application to run, they really don't need
to see all those details of the process of creating the file.
So it's more secure to hide those because if you expose them to the user,
there's a chance that there may be errors that the user unintentionally introduces
into the process.
At the same time, if we abstract this to too high a level,
we can end up doing something like, the user clicks on a program and
suddenly installs it and it's running on their computer.
That can be tremendously insecure.
And it takes away a level of detail that the user actually might be
quite capable of interacting with.
So you need to think about, for your particular users and
the tasks that they're undertaking, how much detail do you want to show them,
and what should be hidden.