Usability meets access control

Subscribe (Full Service)


	Search: The ACM Digital Library The Guide

	Feedback

Usability meets access control: challenges and research opportunities

Full text

Pdf (274 KB)

Source

Symposium on Access Control Models and Technologies archive
Proceedings of the 14th ACM symposium on Access control models and technologies table of contents

Stresa, Italy

PANEL SESSION: Panel I table of contents

Pages 73-74

Year of Publication: 2009

ISBN:978-1-60558-537-6

Authors

Konstantin Beznosov	University of British Columbia, Vancouver, BC, Canada
Philip Inglesant	University College London, London, United Kingdom
Jorge Lobo	IBM, Hawthorne, NY, USA
Rob Reeder	Microsoft, Redmond, WA, USA
Mary Ellen Zurko	IBM, Westford, MA, USA

Sponsors

SIGSAC: ACM Special Interest Group on Security, Audit, and Control
ACM: Association for Computing Machinery

Publisher

ACM New York, NY, USA

Bibliometrics

Downloads (6 Weeks): 23, Downloads (12 Months): 111, Citation Count: 0

Additional Information:

abstract references index terms collaborative colleagues

Tools and Actions:	Review this Article Save this Article to a Binder Display Formats: BibTeX EndNote ACM Ref

DOI Bookmark:	Use this link to bookmark this Article: http://doi.acm.org/10.1145/1542207.1542220 What is a DOI?

ABSTRACT

This panel discusses specific challenges in the usability of access control technologies and new opportunities for research. The questions vary from "Why nobody, even experts, uses access control lists (ACLs)?" to "Shall access controls (and corresponding languages) be totally embedded and invisible and never, ever seen by the users?" to "What should be the user-study methodology for access control systems?".

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	David Botta , Rodrigo Werlinger , André Gagné , Konstantin Beznosov , Lee Iverson , Sidney Fels , Brian Fisher, Towards understanding IT security professionals and their tools, Proceedings of the 3rd symposium on Usable privacy and security, July 18-20, 2007, Pittsburgh, Pennsylvania [doi>10.1145/1280680.1280693]
	2	Sacha Brostoff , M. Angela Sasse , David Chadwick , James Cunningham , Uche Mbanaso , Sassa Otenko, ‘R-What?’ Development of a role-based access control policy-writing tool for e-Scientists: Research Articles, Software—Practice & Experience, v.35 n.9, p.835-856, July 2005 [doi>10.1002/spe.v35:9]
	3	Sonia Chiasson , Robert Biddle , P. C. van Oorschot, A second look at the usability of click-based graphical passwords, Proceedings of the 3rd symposium on Usable privacy and security, July 18-20, 2007, Pittsburgh, Pennsylvania [doi>10.1145/1280680.1280682]
	4	Sonia Chiasson , P. C. van Oorschot , Robert Biddle, A usability study and critique of two password managers, Proceedings of the 15th conference on USENIX Security Symposium, p.1, July 31-August 04, 2006, Vancouver, B.C., Canada
	5	Rachna Dhamija , J. D. Tygar , Marti Hearst, Why phishing works, Proceedings of the SIGCHI conference on Human Factors in computing systems, April 22-27, 2006, Montréal, Québec, Canada [doi>10.1145/1124772.1124861]
	6	Philip Inglesant , M. Angela Sasse , David Chadwick , Lei Lei Shi, Expressions of expertness: the virtuous circle of natural language for access control policy specification, Proceedings of the 4th symposium on Usable privacy and security, July 23-25, 2008, Pittsburgh, Pennsylvania [doi>10.1145/1408664.1408675]
	7	Roy A. Maxion , Robert W. Reeder, Improving user-interface dependability through mitigation of human error, International Journal of Human-Computer Studies, v.63 n.1-2, p.25-50, July 2005 [doi>10.1016/j.ijhcs.2005.04.009]
	8	Fahimeh Raja , Kirstie Hawkey , Konstantin Beznosov, Towards improving mental models of personal firewall users, Proceedings of the 27th international conference extended abstracts on Human factors in computing systems, April 04-09, 2009, Boston, MA, USA [doi>10.1145/1520340.1520712]
	9	Reason, J. Human error: causes and consequences. Cambridge University Press, Cambridge, UK, 1990.
	10	Robert W. Reeder , Lujo Bauer , Lorrie Faith Cranor , Michael K. Reiter , Kelli Bacon , Keisha How , Heather Strong, Expandable grids for visualizing and authoring computer security policies, Proceeding of the twenty-sixth annual SIGCHI conference on Human factors in computing systems, April 05-10, 2008, Florence, Italy [doi>10.1145/1357054.1357285]
	11	Stuart E. Schechter , Rachna Dhamija , Andy Ozment , Ian Fischer, The Emperor's New Security Indicators, Proceedings of the 2007 IEEE Symposium on Security and Privacy, p.51-65, May 20-23, 2007 [doi>10.1109/SP.2007.35]
	12	Alma Whitten , J. D. Tygar, Why Johnny can't encrypt: a usability evaluation of PGP 5.0, Proceedings of the 8th conference on USENIX Security Symposium, p.14-14, August 23-26, 1999, Washington, D.C.
	13	Jeff Yan , Ahmad Salah El Ahmad, Usability of CAPTCHAs or usability issues in CAPTCHA design, Proceedings of the 4th symposium on Usable privacy and security, July 23-25, 2008, Pittsburgh, Pennsylvania [doi>10.1145/1408664.1408671]