NotesFAQContact Us
Collection
Advanced
Search Tips
ERIC Number: ED553849
Record Type: Non-Journal
Publication Date: 2013
Pages: 149
Abstractor: As Provided
Reference Count: N/A
ISBN: 978-1-3031-1222-5
ISSN: N/A
User Centric Policy Management
Cheek, Gorrell P.
ProQuest LLC, Ph.D. Dissertation, The University of North Carolina at Charlotte
Internet use, in general, and online social networking sites, in particular, are experiencing tremendous growth with hundreds of millions of active users. As a result, there is a tremendous amount of privacy information and content online. Protecting this information is a challenge. Access control policy composition is complex, laborious and tedious for the average user. Usable access control frameworks have lagged. Acceptance/use of available frameworks is low. As a result, policies are only partially configured and maintained. Or, they may be all together ignored. This leads to privacy information and content not being properly protected and potentially unknowingly made available to unintended recipients. We overcome these limitations by introducing User Centric Policy Management--a new paradigm of semi-automated tools that aid users in building, recommending and maintaining their online access control policies. We introduce six user centric policy management assistance tools: "Policy Manager" is a supervised learning based mechanism that leverages user provided example policy settings to build classifiers that are the basis for auto-generated policies. "Assisted Friend Grouping" leverages proven clustering techniques to assist users in grouping their friends for policy management purposes. "Same-As Subject Management" leverages a user's memory and opinion of their friends to set policies for other similar friends. "Example Friend Selection" provides different techniques for aiding users in selecting friends used in the development of access control policies. "Same-As Object Management" leverages a user's memory and perception of their objects for setting policies for other similar objects. "iLayer" is a least privilege based access control model for web and social networking sites that builds, recommends and enforces access control policies for third party developed applications. To demonstrate the effectiveness of these policy management assistance tools, we implemented a suite of prototype applications, conducted numerous experiments and completed a number of extensive user studies. The results show that User Centric Policy Management is a more usable access control framework that is effective, efficient and satisfying to the user, which ultimately improves online security and privacy. [The dissertation citations contained here are published with the permission of ProQuest LLC. Further reproduction is prohibited without permission. Copies of dissertations may be obtained by Telephone (800) 1-800-521-0600. Web page: http://www.proquest.com/en-US/products/dissertations/individuals.shtml.]
ProQuest LLC. 789 East Eisenhower Parkway, P.O. Box 1346, Ann Arbor, MI 48106. Tel: 800-521-0600; Web site: http://www.proquest.com/en-US/products/dissertations/individuals.shtml
Publication Type: Dissertations/Theses - Doctoral Dissertations
Education Level: N/A
Audience: N/A
Language: English
Sponsor: N/A
Authoring Institution: N/A