Privacy policies and practices: inside the organizational maze
Communications of the ACM
Migrating to role-based access control
RBAC '99 Proceedings of the fourth ACM workshop on Role-based access control
Privacy of medical records: IT implications of HIPAA
ACM SIGCAS Computers and Society
A Privacy Policy Model for Enterprises
CSFW '02 Proceedings of the 15th IEEE workshop on Computer Security Foundations
Inside JetBlue's Privacy Policy Violations
IEEE Security and Privacy
Editorial: why HCI research in privacy and security is critical now
International Journal of Human-Computer Studies - Special isssue: HCI research in privacy and security is critical now
Privacy in information technology: designing to enable privacy policy management in organizations
International Journal of Human-Computer Studies - Special isssue: HCI research in privacy and security is critical now
Evaluating interfaces for privacy policy rule authoring
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
SOUPS '06 Proceedings of the second symposium on Usable privacy and security
Syntax-Directed Pretty Printing A First Step Towards a Syntax-Directed Editor
IEEE Transactions on Software Engineering
On the benefits of confidence visualization in speech recognition
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Usability challenges in security and privacy policy-authoring interfaces
INTERACT'07 Proceedings of the 11th IFIP TC 13 international conference on Human-computer interaction - Volume Part II
Hi-index | 0.00 |
The goal of the research study reported here was to investigate policy authors' ability to take descriptions of changes to policy situations and author high-quality, complete policy rules that would parse with high accuracy. As a part of this research, we investigated ways in which we could assist policy authors in writing policies. This paper presents the results of a user study on the effectiveness of providing syntax highlighting in a natural language policy authoring interface. While subjects liked the new interface, they showed no improvement in accuracy when writing rules. We discuss our results in terms of a three phase authoring process that users move through when authoring or modifying policies. We describe this process, discuss why and how our interface failed to support it and make recommendations to designers on how to better support this process.