Exploring Visualization Techniques to Enhance Privacy Control UX for User-Managed Access
Newcastle University
Domenico Catalano, Maciej Wolniak and the Smart Team
1 V.321st July, 2011
Agenda
• Data sharing and online privacy
• SmartAM Information Ecology
• Enhance privacy control
‣ UMA Connection
‣ UMA Control bridge
• Future works
• User Experience
2
Data sharing
3
Biographical
Biological
Genealogical
Historical
Locational
Computational
Vocational
Reputational
Transactional
Relational
Online Privacy is about sharing
The Paradigm User Data sharing and online Privacy
4
SmartAM Information Ecology
5
Context
Content User
SmartAM Information Ecology
• UMA/SmartAM Context
‣ Provide an advanced system that allows Internet users to protect and share online information
‣ Prevent loss of user privacy
‣ Adhere to international privacy regulations
‣ Secure online information (access control)
6
SmartAM Information Ecology
• UMA/SmartAM Content
‣ Authorizing User information
‣ Authorizing User’s Web resource info
‣ Authorization Policies
‣ Requesting Parties Information
‣ Analytics information (who, when, what)
7
SmartAM Information Ecology
• UMA/SmartAM User
‣ Internet User/Social networking user
‣ Company
‣ Developer
‣ Government
‣ Curious!!
8
9
SmartAM UX
SmartAM states system
10
[Figure: smartam UX Study. Possible actions and states of the system (conceptual model). Legend: Possible Actions, Visible Things, State of System; User intentions vs Required Actions.]
Understand the nature of data sharing policy in a distributed environment
• The UMA model centralizes the authorization policies for all of the Authorizing User's distributed web resources (protected resources).
• Externalizing the policies introduces a new level of complexity, because the user must (mentally) map the authorization structure of each resource onto a more sophisticated one.
• This new layer must be able to abstract the existing structure while also enhancing control over the information that will be shared.
• As the number of protected resources and requesting parties grows, it can become mentally difficult for the user to maintain practical control over the information.
11
Risks
• Loss of Privacy
• Exploitation of online personal information
• Security breach
12
Enhance Privacy Control through visualization
• As a result, a context authorization policy and a governor system are definitely desirable.
• We introduce two new design concepts:
‣ UMA Connection
‣ UMA Control™ bridge
• A visualization tool is necessary to facilitate the creation of the sharing policy and the control of privacy.
13
UMA Connection
• An UMA Connection defines a context of the data sharing policy.
‣ It’s a set of objects, including Contacts, authorized Apps and allowed actions on a specific resource.
‣ It can include access restrictions (i.e. period validity) and/or Trusted Claims requests to restrict access based on the subject’s information.
• An UMA Connection is fundamental to enhancing the user's control over the purpose for which the information will be revealed.
• UMA Connection uses a visualization approach that helps the user define an appropriate context.
• An Authorizing User can create a Connection for himself or for others.
• A Connection doesn’t encapsulate other connections.
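The Connection structure described above, sketched as an added example (not SmartAM code and not part of the original slides): a deny-by-default check of one access request against a flat list of Connections. Field names, the sample URL, users and apps are assumptions constructed for illustration.

```python
from dataclasses import dataclass, field
from datetime import datetime, timezone

@dataclass
class Connection:
    # Field names are assumptions for this sketch, not SmartAM's schema.
    name: str
    resource: str                 # a connection covers one specific resource
    contacts: set
    apps: set
    actions: set
    not_before: datetime = None   # validity period (optional)
    not_after: datetime = None
    required_claims: dict = field(default_factory=dict)  # Trusted Claims

def decide(conn, requester, app, resource, action, claims, at):
    """Return (allowed, reason). Every check must pass; anything else denies."""
    if resource != conn.resource:
        return False, "resource not in this connection"
    if requester not in conn.contacts:
        return False, "requester is not a contact"
    if app not in conn.apps:
        return False, "app not authorized"
    if action not in conn.actions:
        return False, "action not allowed"
    if ((conn.not_before and at < conn.not_before)
            or (conn.not_after and at > conn.not_after)):
        return False, "outside validity period"
    for key, wanted in conn.required_claims.items():
        if claims.get(key) != wanted:
            return False, "claim not satisfied: " + key
    return True, "allowed"

def authorize(connections, **request):
    """Flat scan (connections do not nest). Deny unless one connection allows."""
    for conn in connections:
        if decide(conn, **request)[0]:
            return conn.name
    return None

# Constructed sample data, loosely named after the labels on the slides.
UTC = timezone.utc
CLASS = Connection(
    name="Class", resource="https://host.example/notes",
    contacts={"alice", "bob"}, apps={"reader-app"}, actions={"read"},
    not_before=datetime(2011, 9, 1, tzinfo=UTC),
    not_after=datetime(2012, 6, 30, tzinfo=UTC),
    required_claims={"affiliation": "student"})
PROF = Connection(
    name="Prof", resource="https://host.example/notes",
    contacts={"carol"}, apps={"reader-app", "editor-app"},
    actions={"read", "write"})
```

`authorize` returns the name of the Connection that granted access, which is the "for what purpose" context a dashboard could show back to the Authorizing User.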
14
Structure of UMA Connection
15
Visualizing UMA Connection
16
[Figure: UMA Connection visualization. Labels: Resource, Others, Connection, University, Class, Prof, Contacts, Social Apps.]
UMA Control bridge
• UMA Control bridge
‣ Is designed to adhere to the user-centric identity paradigm.
‣ Provides a primary user interface for controlling Resources, Connections, Apps and requesters.
‣ Provides a dashboard with the main statistics about connections, shared data, etc.
‣ Incorporates a single view of these main controls, including a notification bar for new access requests.
‣ Reaches any specific view in 3 steps (actions), excluding optional views.
17
UMA Control™ bridge
Maintain control over information that will be revealed
18
[Figure: UMA Control bridge view. Labels: University, Personal Data, Self-Registration, Collab, Professional, Class, Prof, Business, Friend, ProjectA, MySelf.]
Future works
• Graph Algorithm
• Super Connection (Basket of Resources)
• Visualization techniques (HTML5)
19
User eXperience
20
Thanks
21