Hier finden Sie wissenschaftliche Publikationen aus den Fraunhofer-Instituten.

Generation of usable policy administration points for security and privacy

: Rudolph, Manuel
: Rombach, Dieter; Pretschner, Alexander; Deßloch, S.

Volltext urn:nbn:de:0011-n-5787348 (9.2 MByte PDF)
MD5 Fingerprint: b7c696b16433469aee948ffbc7ecbd51
Erstellt am: 6.3.2020

Stuttgart: Fraunhofer Verlag, 2020, XXIII, 353 S.
Zugl.: Kaiserslautern, TU, Diss., 2019
PhD Theses in Experimental Software Engineering, 68
ISBN: 978-3-8396-1579-9
Dissertation, Elektronische Publikation
Fraunhofer IESE ()
privacy & data protection; user interface design & usability; Informatiker; Softwareentwickler; Wissenschaftler; IT-Sicherheitsverantwortliche

Users want to gain more self-determination in the form of self-responsible definition and control of their security and privacy demands. Policy Administration Points (PAPs) for the specification of security and privacy policies exist; however, users face usability problems using these tools. PAPs provide different specification paradigms, which determine the specification process for the task of policy specification including the levels of expressiveness and guidance for the user. This dissertation addresses the topic of automated creation of usable PAPs. First, we focus on the mapping of specification paradigms to user groups for increasing the usability by means of effectiveness, efficiency and satisfaction. Second, we propose a method for the automated creation of PAPs. This includes a method for eliciting security and privacy policy templates from an application domain, a policy template model for formalizing these policy templates as well as a PAP generation framework for the automated creation of policy specification interfaces within PAPs based on a policy template model instance. Last, we empirically confirm our findings in four case studies and one experiment.