Evaluating assistance of natural language policy authoring

Authors:
Kami Vaniea;Clare-Marie Karat;Joshua B. Gross;John Karat;Carolyn Brodie
Affiliations:
Carnegie Mellon University, Pittsburgh, PA;IBM T.J. Watson Research, Hawthorne, NY;The Pennsylvania State University, University Park, PA;IBM T.J. Watson Research, Hawthorne, NY;IBM T.J. Watson Research, Hawthorne, NY
Venue:
Proceedings of the 4th symposium on Usable privacy and security
Year:
2008

Citing 12
Cited 0

Privacy policies and practices: inside the organizational maze

Communications of the ACM
Migrating to role-based access control

RBAC '99 Proceedings of the fourth ACM workshop on Role-based access control
Privacy of medical records: IT implications of HIPAA

ACM SIGCAS Computers and Society
A Privacy Policy Model for Enterprises

CSFW '02 Proceedings of the 15th IEEE workshop on Computer Security Foundations
Inside JetBlue's Privacy Policy Violations

IEEE Security and Privacy
Editorial: why HCI research in privacy and security is critical now

International Journal of Human-Computer Studies - Special isssue: HCI research in privacy and security is critical now
Privacy in information technology: designing to enable privacy policy management in organizations

International Journal of Human-Computer Studies - Special isssue: HCI research in privacy and security is critical now
Evaluating interfaces for privacy policy rule authoring

Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
An empirical study of natural language parsing of privacy policy rules using the SPARCLE policy workbench

SOUPS '06 Proceedings of the second symposium on Usable privacy and security
Syntax-Directed Pretty Printing A First Step Towards a Syntax-Directed Editor

IEEE Transactions on Software Engineering
On the benefits of confidence visualization in speech recognition

Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Usability challenges in security and privacy policy-authoring interfaces

INTERACT'07 Proceedings of the 11th IFIP TC 13 international conference on Human-computer interaction - Volume Part II

Quantified Score

Hi-index	0.00

Visualization

Abstract

The goal of the research study reported here was to investigate policy authors' ability to take descriptions of changes to policy situations and author high-quality, complete policy rules that would parse with high accuracy. As a part of this research, we investigated ways in which we could assist policy authors in writing policies. This paper presents the results of a user study on the effectiveness of providing syntax highlighting in a natural language policy authoring interface. While subjects liked the new interface, they showed no improvement in accuracy when writing rules. We discuss our results in terms of a three phase authoring process that users move through when authoring or modifying policies. We describe this process, discuss why and how our interface failed to support it and make recommendations to designers on how to better support this process.