The programmer's apprentice
Conflicts in Policy-Based Distributed Systems Management
IEEE Transactions on Software Engineering
Justifying proofs using memo tables
Proceedings of the 2nd ACM SIGPLAN international conference on Principles and practice of declarative programming
A modular approach to composing access control policies
Proceedings of the 7th ACM conference on Computer and communications security
Unpacking "privacy" for a networked world
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
A Logical Language for Expressing Authorizations
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
DrScheme: a programming environment for Scheme
Journal of Functional Programming
Elaborating Security Requirements by Construction of Intentional Anti-Models
Proceedings of the 26th International Conference on Software Engineering
OOPSLA '04 Companion to the 19th annual ACM SIGPLAN conference on Object-oriented programming systems, languages, and applications
Personal privacy through understanding and action: five pitfalls for designers
Personal and Ubiquitous Computing
A study of preferences for sharing and privacy
CHI '05 Extended Abstracts on Human Factors in Computing Systems
Verification and change-impact analysis of access-control policies
Proceedings of the 27th international conference on Software engineering
Software—Practice & Experience - Grid Security
User experiences with sharing and access control
CHI '06 Extended Abstracts on Human Factors in Computing Systems
SOUPS '06 Proceedings of the second symposium on Usable privacy and security
Give and take: a study of consumer photo-sharing culture and practice
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Implementation and use of the PLT scheme Web server
Higher-Order and Symbolic Computation
Security Requirements Engineering: A Framework for Representation and Analysis
IEEE Transactions on Software Engineering
Expandable grids for visualizing and authoring computer security policies
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Usability challenges in security and privacy policy-authoring interfaces
INTERACT'07 Proceedings of the 11th IFIP TC 13 international conference on Human-computer interaction - Volume Part II
More than skin deep: measuring effects of the underlying model on access-control system usability
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Oops, I did it again: mitigating repeated access control errors on facebook
Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
A design phase for data sharing agreements
DPM'11 Proceedings of the 6th international conference, and 4th international conference on Data Privacy Management and Autonomous Spontaneus Security
Hi-index | 0.00 |
Policy authors typically reconcile several different mental models and goals, such as enabling collaboration, securing information, and conveying trust in colleagues. The data underlying these models, such as which roles are more trusted than others, isn't generally used to define policy rules. As a result, policy-management environments don't gather this information; in turn, they fail to exploit it to help users check policy decisions against their multiple perspectives. We present a model of triangulating authoring environments that capture the data underlying these different perspectives, and iteratively sanity-check policy decisions against this information while editing. We also present a tool that consumes instances of the model and automatically generates prototype authoring tools for the described domain.