Visualization And Semantics To Support Fast And Accurate Policy Authoring
Presenter
Lorrie Cranor, Carnegie Mellon University
Time
Session II - 10:45am - 12:00pm
Abstract
This project addresses the problem of designing user interfaces to support creating, editing, and viewing security and privacy policies. User interfaces for policy authoring can greatly affect whether policies match their authors’ intentions; a bad user interface can lead to policies with many errors, while a good user interface can ensure that a policy matches its author’s intentions. Traditional methods of displaying security and privacy policies in user interfaces are deficient because they place an undue burden on policy authors to interpret nuanced rules or convoluted natural language. We introduce the Expandable Grid, a novel technique for displaying policies in a user interface. An Expandable Grid is an interactive matrix visualization designed to address the problems that traditional policy-authoring interfaces have in conveying policies to users. Our evaluations of the Expandable Grid system for setting file permissions and its associated policy semantics show that the Expandable Grid can greatly improve the speed and accuracy with which policy authors complete tasks compared to traditional policy-authoring interfaces. [This is joint work with Rob Reeder, Michael Reiter, and Lujo Bauer]
Presentation
Download (PPT, 2.0 MB)