Browsing by Author "Tatar, Deborah G."

Now showing 1 - 3 of 3
  • Thumbnail Image
    A Novel Approach to Modeling Contextual Privacy Preference and Practice
    Radics, Peter Jozsef (Virginia Tech, 2016-09-27)
    We are living in a time of fundamental changes in the dynamic between privacy and surveillance. The ubiquity of information technology has changed the ways in which we interact, empowering us through new venues of communication and social intimacy. At the same time, it exposes us to the prying eyes of others, in the shape of governments, companies, or even fellow humans. This creates a challenging environment for the design of 'privacy-aware' applications, exacerbated by a disconnect between abstract knowledge of privacy and concrete information requirements of privacy design frameworks. In this work, we present a novel approach for the modeling of contextual privacy preference and practice. The process guides a 'privacy analyst' through the steps of evaluating, choosing, and deploying appropriate data collection strategies; the verification and validation of the collected data; and the systematic transformation of the dense, unstructured data into a structured domain model. We introduce the Privacy Domain Modeling Language (PDML) to address the representational needs of privacy domain models. Making use of the structure of PDML, we explore the applicability of the information theoretic concept 'entropy' to determine the completeness of the resulting model. We evaluate the utility of the process through its application to the evaluation and re-design of a web application for the management of students' directory information and education records. Through this case study, we demonstrate the potential for automation of the process through the Privacy Analyst Work eNvironment (PAWN) and show the process's seamless integration with existing privacy design frameworks. Finally, we provide evidence for the value of using entropy for determining model completeness, and provide an outlook on future work.
  • Thumbnail Image
    Peer Review in CS2: the Effects on Attitudes, Engagement, and Conceptual Learning
    Turner, Scott Alexander (Virginia Tech, 2009-08-13)
    In computer science, students could benefit from exposure to critical programming concepts from multiple perspectives. Peer review is one method to allow students to experience authentic uses of the concepts in a non-programming manner. Peer review provides students with the opportunity to evaluate other people's work and, in doing so, allows for a rich learning experience. While much is known about peer review and it has many uses in other disciplines, the literature, especially in computer science, does not spend much time on the perspective of and benefits to the reviewer. In this work, we examine how to implement the peer review process in early, object-oriented, computer science courses as a way to develop the reviewers' higher-level thinking skills, increase their knowledge of specific programming concepts, and to improve attitudes to help engage them in the activity. Specifically, we explore peer review and its effects on Abstraction, Decomposition, and Encapsulation and how the type of review (students reviewing their peers or reviewing materials from their instructor), influences these effects. We also look at how the students' attitudes relate to their engagement in and the benefits from the reviews. To study these ideas, we used peer review exercises in two CS2 classes at local universities over the course of a semester. We divided the students into three groups where one group reviewed their peers, one group reviewed their instructor, and one group completed small design or coding exercises. We measured the students' attitudes and their conceptual understanding during the semester with surveys, tests, and concept maps. We collected the completed reviews as well. We found that reviewing helped students learn Decomposition, especially those reviewing the instructor's programs. We did not find evidence of improvements to the students' level of thinking over the semester nor were there significant changes in their attitudes. However, the data showed that students assigned to review their peers were less likely to complete the assignments than the other students were. Overall, peer reviews are a valuable method for teaching Decomposition to CS2 students and can be used as an alternative way to learn object-oriented programming concepts.
  • Thumbnail Image
    Security in Practice: Examining the Collaborative Management of Sensitive Information in Childcare Centers and Physicians' Offices
    Vega, Laurian (Virginia Tech, 2011-03-28)
    Traditionally, security has been conceptualized as rules, locks, and passwords. More recently, security research has explored how people interact in secure (or insecure) ways in part of a larger socio-technical system. Socio-technical systems are comprised of people, technology, relationships, and interactions that work together to create safe praxis. Because information systems are not just technical, but also social, the scope of privacy and security concerns must include social and technical factors. Clearly, computer security is enhanced by developments in the technical arena, where researchers are building ever more secure and robust systems to guard the privacy and confidentiality of information. However, when the definition of security is broadened to encompass both human and technical mechanisms, how security is managed with and through the day-to-day social work practices becomes increasingly important. In this dissertation I focus on how sensitive information is collaboratively managed in socio-technical systems by examining two domains: childcare centers and physicians' offices. In childcare centers, workers manage the enrolled children and also the enrolled child's personal information. In physicians' offices, workers manage the patients' health along with the patients' health information. My dissertation presents results from interviews and observations of these locations. The data collected consists of observation notes, interview transcriptions, pictures, and forms. The researchers identified breakdowns related to security and privacy. Using Activity Theory to first structure, categorize, and analyze the observed breakdowns, I used phenomenological methods to understand the context and experience of security and privacy. The outcomes from this work are three themes, along with corresponding future scenarios. The themes discussed are security embodiment, communities of security, and zones of ambiguity. Those themes extend the literature in the areas of usable security, human-computer interaction, and trust. The presentation will use future scenarios to examine the complexity of developing secure systems for the real world.