Exploring Visualization Techniques to Enhance Privacy Control UX for User-

Managed Access

Newcastle University

Domenico Catalano, Maciej Wolniakand the Smart Team

1 V.321st July, 2011

Agenda

• Data sharing and online privacy

• SmartAM Information Ecology

• Enhance privacy control

‣ UMA Connection

‣ UMA Control bridge

• Future works

• User Experience

2

Data sharing

3

Biographical

Biological

Genealogical

Historical

Locational

Computational

Vocational

Reputational

Transactional

Relational

Online Privacy is about sharing

The Paradigm User Data sharing and online Privacy

4

SmartAM Information Ecology

5

Context

Content User

SmartAM Information Ecology

• UMA/SmartAM Context

‣ Provide an advance system to allow internet user to protect and share online information

‣ Prevent of lost of user privacy

‣ Adhere to the international privacy regulations

‣ Secure online information (access control)

6

Context

Content User

SmartAM Information Ecology

• UMA/SmartAM Content

‣ Authorizing User information

‣ Authorizing User’s Web resource info

‣ Authorization Policies

‣ Requesting Parties Information

‣ Analytics information (who, when, what)

7

Context

Content User

SmartAM Information Ecology

• UMA/SmartAM User

‣ Internet User/Social networking user

‣ Company

‣ Developer

‣ Government

‣ Curios!!

8

Context

Content User

9

SmartAM UX

SmartAM states system

10

Subject

Host

AMHomepage

Resource

UserLogin

DevLearnMore

Protect &Share

User Welcome

Page

ViewResource

Setting Policy

ControlBridge

ResourceShared

smartam UX StudyPossible actions and states of the system

Notregistered

User

Wiki

Requester

A1A3

A4

A5

ResourceRegistered

ConsentDefaultPolicy

Privacy

A6

A7

A9A10

Conceptual model

B1

B3

B2

B4B5

B6

B10

B7B8

B9

B11

A2

Host Site

APP

ClientPrivileged

App forMySelf

C1 C2 ConsentApp Actions

PolicyDefinition

UserSettings

Initial state

Initial state

Initial state

Authorizing Userinteraction

ManageContacts

Connection

A8

PossibleActions

VisibleThings

State of System

User intentionsvs

Required Actions

Understand the nature of data sharing policy in distributed environment

• UMA model centralizes the authorization policies for all the Authorizing User's distributed web resource (protected resource).

• The externalization of the policies introduces a new level of complexity because the user must (mentally) map the authorization structure for each resource, in more sophisticate one.

• This new layer must be able to abstracting the existent, although it must be able to enhance the control on the information that will be shared.

• Increasing of Protected resources and requesting parties could be mentally difficult for the user to maintain control in practice on the information.

11

Risks

• Lost of Privacy

• Exploit of online personal Information

• Security breach

12

Enhance Privacy Control through visualization

• As result a context authorization policy and a governor system is definitely desirable.

• We introduce two new design concepts:

‣

‣

• A visualization tool is necessary to facilitate the creation of the sharing policy and the control of the privacy.

13

UMA Connection

UMA ControlTMbridge

UMA Connection• An UMA Connection defines a context of the data sharing policy.

‣ It’s a set of objects, including Contacts, authorized Apps and allowed actions on a specific resource.

‣ It can include access restrictions (i.e. period validity) and/or Trusted Claims request to restrict access based on subject’s information.

• An UMA Connection is fundamental to enhance user control for what purpose the information will be revealed.

• UMA Connection uses a visualization approach which helps user to define an appropriate context.

• An Authorizing User can create a Connection for him-self or for others.

• A Connection doesn’t incapsulate other connections.

14

Structure of UMA Connection

15

Visualizing UMA Connection

16

Resource

OthersConnection

University

Class

Prof

Contacts

SocialApps

UMA Connection

UMA Control bridge

• UMA Control bridge

‣ Is designed to adhere to the user-centric identity paradigm.

‣ Provides a primary user interface for control Resources, Connections, Apps and requesters.

‣ Provides a dashboard with main statistic information about connection, shared data, etc.

‣ Incorporates a single view of these main controls, including a notification bar for new access request.

‣ Provides 3-steps actions to get access to specific view, excluding optional view.

17UMA ControlTM

bridge

Maintain control on Information that will be revealed

18

University

Personal Data

Self-Registration

Collab Professional

ClassProf

Business

Friend

ProjectA

MySelf

MySelf

Future works

• Graph Algorithm

• Super Connection (Basket of Resources)

• Visualization techniques (HTML5)

19

User eXperience

20

Thanks

21