Out of sight, out of mind: Effects of displaying access-control information near the item it controls

2012 10th Annual International Conference on Privacy, Security and Trust, PST 2012

Volumn , Issue , 2012, Pages 128-136

  Vaniea, Kami ^a   Bauer, Lujo ^a   Cranor, Lorrie Faith ^a   Reiter, Michael K ^b  

^a CARNEGIE MELLON UNIVERSITY   (United States)

^b UNIVERSITY OF NORTH CAROLINA   (United States)

Author keywords

access control; human factors; visualization

Indexed keywords

ERRORS; FLOW VISUALIZATION; HUMAN ENGINEERING; WEBSITES;

ACCESS CONTROL;

EID: 84868245647     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/PST.2012.6297929     Document Type: Conference Paper

References (19)

1. M. Madejski, M. Johnson, and S. M. Bellovin, "The failure of online social network privacy settings," Department of Computer Science, Columbia University, Tech. Rep. CUCS-010-11, 2011.
2. Y. Wang, S. Komanduri, P. G. Leon, G. Norcie, A. Acquisti, and L. F. Cranor, ""I regretted the minute I pressed share": A Qualitative Study of Regrets on Facebook," in Proc. SOUPS, 2011.
3. T. Whalen, D. Smetters, and E. F. Churchill, "User experiences with sharing and access control," in Proc. CHI, 2006.
4. A. Besmer and H. Richter Lipford, "Moving beyond untagging: Photo privacy in a tagged world," in Proc. CHI, 2010.
5. L. F. Cranor, "Privacy policies and privacy preferences," in Privacy and Usability, L. F. Cranor and S. Garfinkel, Eds. O'Reilly, 2005.
6. J. King, A. Lampinen, and A. Smolen, "Privacy: Is there an app for that?" in Proc. SOUPS, 2011.
7. W. D. Ellis, A Source Book of Gestalt Psychology. Psychology Press, 1999.
8. R. W. Reeder, L. Bauer, L. F. Cranor, M. K. Reiter, K. Bacon, K. How, and H. Strong, "Expandable grids for visualizing and authoring computer security policies," in Proc. CHI, 2008.
9. R. W. Reeder, L. Bauer, L. F. Cranor, M. K. Reiter, and K. Vaniea, "More than skin deep: Measuring effects of the underlying model on access-control system usability," in Proc. CHI, 2011.
10. J. Tam, R. W. Reeder, and S. Schechter, "I'm allowing what? disclosing the authority applications demand of users as a condition of installation." Microsoft, Tech. Rep. MSR-TR-2010-54, 2010.
11. "Gallery 3," Website, Mar. 2012, http://gallery.menalto.com/.
12. S. Ahern, D. Eckles, N. S. Good, S. King, M. Naaman, and R. Nair, "Over-exposed?: Privacy patterns and considerations in online and mobile photo sharing," in Proc. CHI, 2007.
13. E. Lieberman and R. Miller, "Facemail: showing faces of recipients to prevent misdirected email," in Proc. SOUPS, 2007.
14. Y. Wang, "A framework for Privacy-Enhanced personalization," Ph.D. Dissertation, University of California, Irvine, 2010.
15. S. Egelman, A. Oates, and S. Krishnamurthi, "Oops, i did it again: Mitigating repeated access control errors on Facebook," in Proc. CHI, 2011.
16. J. Sunshine, S. Egelman, H. Almuhimedi, N. Atri, and L. F. Cranor, "Crying wolf: An empirical study of SSL warning effectiveness," in Proc. USENIX Security, 2009.
17. A. Adams and M. A. Sasse, "Users are not the enemy," in Communications of the ACM, 1999.
18. C. Herley, "So long, and no thanks for the externalities: The rational rejection of security advice by users," in Proc. NSPW'09, 2009.
19. A. Sotirakopoulos, K. Hawkey, and K. Beznosov, "On the challenges in usable security lab studies: Lessons learned from replicating a study on SSL warnings," in Proc. SOUPS, 2011.