Usable security and privacy: a case study of developing privacy management tools

Symposium On Usable Privacy and Security Pub Date : 2005-07-06 DOI:10.1145/1073001.1073005

C. Brodie, Clare-Marie Karat, J. Karat, Jinjuan Feng

{"title":"Usable security and privacy: a case study of developing privacy management tools","authors":"C. Brodie, Clare-Marie Karat, J. Karat, Jinjuan Feng","doi":"10.1145/1073001.1073005","DOIUrl":null,"url":null,"abstract":"Privacy is a concept which received relatively little attention during the rapid growth and spread of information technology through the 1980's and 1990's. Design to make information easily accessible, without particular attention to issues such as whether an individual had a desire or right to control access to and use of particular information was seen as the more pressing goal. We believe that there will be an increasing awareness of a fundamental need to address privacy concerns in information technology, and that doing so will require an understanding of policies that govern information use as well as the development of technologies that can implement such policies. The research reported here describes our efforts to design a privacy management workbench which facilitates privacy policy authoring, implementation, and compliance monitoring. This case study highlights the work of identifying organizational privacy requirements, analyzing existing technology, on-going research to identify approaches that address these requirements, and iteratively designing and validating a prototype with target users for flexible privacy technologies.","PeriodicalId":273244,"journal":{"name":"Symposium On Usable Privacy and Security","volume":"37 5","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2005-07-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"103","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Symposium On Usable Privacy and Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/1073001.1073005","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 103

Abstract

Privacy is a concept which received relatively little attention during the rapid growth and spread of information technology through the 1980's and 1990's. Design to make information easily accessible, without particular attention to issues such as whether an individual had a desire or right to control access to and use of particular information was seen as the more pressing goal. We believe that there will be an increasing awareness of a fundamental need to address privacy concerns in information technology, and that doing so will require an understanding of policies that govern information use as well as the development of technologies that can implement such policies. The research reported here describes our efforts to design a privacy management workbench which facilitates privacy policy authoring, implementation, and compliance monitoring. This case study highlights the work of identifying organizational privacy requirements, analyzing existing technology, on-going research to identify approaches that address these requirements, and iteratively designing and validating a prototype with target users for flexible privacy technologies.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

可用的安全和隐私:开发隐私管理工具的案例研究

在20世纪80年代和90年代信息技术的快速发展和普及期间，隐私是一个相对较少受到关注的概念。更紧迫的目标是设计使信息易于获取，而不特别注意诸如个人是否希望或有权控制特定信息的获取和使用等问题。我们认为，人们将越来越意识到解决信息技术中隐私问题的根本需要，而这样做将需要理解管理信息使用的政策，以及开发可以实施这些政策的技术。这里报告的研究描述了我们为设计一个隐私管理工作台所做的努力，该工作台可以促进隐私策略的编写、实现和遵从性监控。本案例研究强调了识别组织隐私需求、分析现有技术、正在进行的研究以确定满足这些需求的方法，以及针对灵活隐私技术的目标用户迭代地设计和验证原型的工作。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

Symposium On Usable Privacy and Security

自引率

0.00%

发文量