User-Controllable Learning of Security and Privacy Policies
pdf
ABSTRACT
Users are expected to configure a wide range of security and privacy policies (e.g. smart phone security policies, role-based access control policies, facebook privacy policies, data leakage prevention policies). Yet research shows that they have great difficulty doing so. In this project, we have been researching new families of user-oriented machine learning techniques aimed at helping users express and refine security and privacy policies. This includes the development and evaluation of clustering techniques designed to generate security and privacy personas that are easy to understand by users. This also includes the design and evaluation of user-controllable policy learning techniques capable of leveraging user feedback to generate suggestions for refining a user’s existing policy. Results obtained in the context of location sharing privacy policies indicate that both types of techniques can contribute to increasing policy accuracy and reduce user burden.
Award ID: 0905562
Submitted by Katie Dey
on
ABSTRACT
Users are expected to configure a wide range of security and privacy policies (e.g. smart phone security policies, role-based access control policies, facebook privacy policies, data leakage prevention policies). Yet research shows that they have great difficulty doing so. In this project, we have been researching new families of user-oriented machine learning techniques aimed at helping users express and refine security and privacy policies. This includes the development and evaluation of clustering techniques designed to generate security and privacy personas that are easy to understand by users. This also includes the design and evaluation of user-controllable policy learning techniques capable of leveraging user feedback to generate suggestions for refining a user’s existing policy. Results obtained in the context of location sharing privacy policies indicate that both types of techniques can contribute to increasing policy accuracy and reduce user burden.
Award ID: 0905562