Access Control Policy Analysis with a Visualization Tool for Social Network Systems
Understanding privacy implications of access control policies is a complex task for the users of social network systems. Users need tool support to articulate on access scenarios and perform policy analysis. In this work, we develop a prototypical tool for reflective policy assessment (RPA) – a process in which a user examines her profile from the viewpoint of another user in her extended neighborhood in the social graph. Since an unrestricted view of one's extended neighborhood may compromise the privacy of others, our visualization tool approximates the extended neighborhood of a user in such a way that policy assessment can still be conducted in a meaningful manner, while the privacy of other users is preserved. We verify the utility and usability of our tool in a within-subject user study.
Security, Human Factors