DOI: 10.1145/2335356.2335375
research-article

Relating declarative semantics and usability in access control

Published: 11 July 2012

ABSTRACT

Usability is widely recognized as a problem in the context of the administration of access control systems. We seek to relate the notion of declarative semantics, a recurring theme in research in access control, with usability. We adopt the concrete context of POSIX ACLs and the traditional interface for it that comprises two utilities getfacl and setfacl whose natural semantics is operational. We have designed and implemented an alternate interface that we call askfacl whose natural semantics is declarative. We discuss our design of askfacl. We then discuss a human-subject usability study that we have designed and conducted that compares the two interfaces. Our results measurably demonstrate the goodness of declarative semantics in access control.
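
The contrast the abstract draws can be seen on a single ACL. This is an added example, not code from the paper and not askfacl's interface: it parses getfacl-style output and answers a declarative question ("may this user do this?") by applying the POSIX.1e access check order that a reader of raw getfacl output must otherwise work through by hand. The function names, users, groups and sample ACL are all constructed for illustration.

```python
# Added illustration (not askfacl): a declarative query over getfacl-style text.
SAMPLE_GETFACL = """\
# file: report.txt
# owner: alice
# group: staff
user::rw-
user:bob:rw-
user:carol:---
group::r--
group:audit:rwx
mask::r--
other::---
"""  # constructed sample, not output captured from a real system

def parse_getfacl(text):
    """Parse access ACL entries; default: entries are skipped."""
    acl = {"owner": None, "group": None, "entries": []}
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("# owner:"):
            acl["owner"] = line.split(":", 1)[1].strip()
        elif line.startswith("# group:"):
            acl["group"] = line.split(":", 1)[1].strip()
        else:
            body = line.split("#")[0].strip()   # drop "#effective:" comments
            if body and not body.startswith("default:"):
                tag, qualifier, perms = body.split(":")
                acl["entries"].append((tag, qualifier, set(perms) - {"-"}))
    return acl

def may(acl, user, groups, perm):
    """Is perm ('r', 'w' or 'x') granted to user, a member of groups?"""
    entries = acl["entries"]
    find = lambda tag, q: [p for t, qq, p in entries if t == tag and qq == q]
    mask = find("mask", "")
    masked = lambda perms: perm in perms and (not mask or perm in mask[0])
    if user == acl["owner"]:
        return perm in find("user", "")[0]        # owner entry is never masked
    named = find("user", user)
    if named:
        return masked(named[0])                   # named-user entry decides alone
    hits = [p for t, q, p in entries if t == "group"
            and (q in groups or (q == "" and acl["group"] in groups))]
    if hits:
        return any(masked(p) for p in hits)       # any matching group may grant
    return perm in find("other", "")[0]

ACL = parse_getfacl(SAMPLE_GETFACL)
```

In the sample, `user:bob:rw-` reads as write access but the mask removes it, and carol's empty named entry overrides the read that her membership in staff would otherwise grant.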

Published in

SOUPS '12: Proceedings of the Eighth Symposium on Usable Privacy and Security
July 2012
216 pages
ISBN: 9781450315326
DOI: 10.1145/2335356

Copyright © 2012 Authors

Publisher

Association for Computing Machinery
New York, NY, United States


Acceptance Rates

Overall Acceptance Rate: 15 of 49 submissions, 31%
