Endre søk
RefereraExporteraLink to record
Permanent link

Direct link
Referera
Referensformat
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annet format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annet språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf
Formal Definitions for Usable Access Control Rule Sets: From Goals to Metrics
Technische Universität Darmstadt,, Germany.
Karlstads universitet, Fakulteten för hälsa, natur- och teknikvetenskap (from 2013), Institutionen för matematik och datavetenskap. (Privacy and Security Group)
2013 (engelsk)Inngår i: Proceedings of the Ninth Symposium on Usable Privacy and Security, Association for Computing Machinery (ACM), 2013, s. 2:1-2:11Konferansepaper, Publicerat paper (Fagfellevurdert)
Abstract [en]

Access control policies describe high level requirements for access control systems. Access control rule sets ideally trans-late these policies into a coherent and manageable collectionof Allow/Deny rules. Designing rule sets that reflect desired policies is a difficult and time-consuming task. The result is that rule sets are difficult to understand and manage. The goal of this paper is to provide means for obtaining usable access control rule sets, which we define as rule sets that (i) reflect the access control policy and (ii) are easy to understand and manage. In this paper, we formally define the challenges that users face when generating usable access control rule sets and provide formal tools to handle them more easily. We started our research with a pilot study in which specialists were interviewed. The objective was to list usability challenges regarding the management of access control rule sets and verify how those challenges were handled by specialists. The results of the pilot study were compared and combined with results from related work and refined into six novel, formally defined metrics that are used to measure the security and usability aspects of access control rule sets. We validated our findings with two user studies, which demonstrate that our metrics help users generate statistically significant better rule sets.

sted, utgiver, år, opplag, sider
Association for Computing Machinery (ACM), 2013. s. 2:1-2:11
Emneord [en]
access control, complexity measures, user / machine systems
HSV kategori
Forskningsprogram
Datavetenskap
Identifikatorer
URN: urn:nbn:se:kau:diva-29005DOI: 10.1145/2501604.2501606ISBN: 978-1-4503-2319-2 (tryckt)OAI: oai:DiVA.org:kau-29005DiVA, id: diva2:647575
Konferanse
Ninth Symposium on Usable Privacy and Security
Forskningsfinansiär
EU, FP7, Seventh Framework Programme, 317550Tilgjengelig fra: 2013-09-11 Laget: 2013-09-11 Sist oppdatert: 2018-01-11bibliografisk kontrollert

Open Access i DiVA

Fulltekst mangler i DiVA

Andre lenker

Forlagets fulltekst

Personposter BETA

Martucci, Leonardo

Søk i DiVA

Av forfatter/redaktør
Martucci, Leonardo
Av organisasjonen

Søk utenfor DiVA

GoogleGoogle Scholar

doi
isbn
urn-nbn

Altmetric

doi
isbn
urn-nbn
Totalt: 102 treff
RefereraExporteraLink to record
Permanent link

Direct link
Referera
Referensformat
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annet format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annet språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf