ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
Computer-supported access control
Full text PdfPdf (203 KB)
Source
ACM Transactions on Computer-Human Interaction (TOCHI) archive
Volume 16 ,  Issue 3  (September 2009) table of contents
Article No. 12  
Year of Publication: 2009
ISSN:1073-0516
Authors
Gunnar Stevens  University of Siegen, Germany
Volker Wulf  University of Siegen and Fraunhofer FIT, Sankt Augustin, Germany
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 146,   Downloads (12 Months): 146,   Citation Count: 0
Additional Information:

abstract   references   index terms  

Tools and Actions: Request Permissions Request Permissions    Review this Article  
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/1592440.1592441
What is a DOI?

ABSTRACT

Traditionally, access control is understood as a purely technical mechanism which rejects or accepts access attempts automatically according to a specific preconfiguration. However, such a perspective neglects the practices of access control and the embeddedness of technical mechanisms within situated action. In this article, we reconceptualize the issue of access control on a theoretical, methodological, and practical level. On a theoretical level, we develop a terminology to distinguish between access control practices and the technical support mechanisms. We coin the term Computer Supported Access Control (CSAC) to emphasize this perspective. On a methodological level, we discuss empirical investigations of access control behavior from a situated action perspective. We discovered a differentiated set of social practices around traditional access control systems. By applying these findings to a practical level, we enhance the design space of computer supported access control mechanisms by suggesting a matrix of technical mechanisms which go beyond an ex-ante configuration.


REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

 
1
Ackerman, M. 2000. The intellectual challenge of CSCW: The gap between social requirements and technical feasibility. Hum.-Comput. Interact. 15, 179--203.
 
2
Adams, A. and Sasse, M. A. S. 1999. Users are not the enemy: Why users compromise security mechanisms and how to take remedial measures. Comm. ACM 42, 41--46.
 
3
Altmann, I. 1975. The Environment and Social Behavior: Privacy, Personal Space, Territory and Crowding. Brooks/Cole Publishing, Monterey, CA.
 
4
Bannon, L. 1993. CSCW: An initial exploration. Scandinav. J. Inform. Syst. 5, 3--24.
 
5
Bellotti, V. and Sellen, A. 1993. Design for privacy in ubiquitous computing environments. In Proceedings of the European Conference on Computer-Supported Cooperative Work (ECSCW'93). Kluwer, 77--92.
 
6
Bowen, S. J. 2007. Crazy ideas or creative probes? Presenting critical artefacts to stakeholders to develop innovative product ideas. In Proceedings of the EAD07: Dancing with Disorder: Design, Discourse and Disaster.
 
7
Bratteteig, T. 2003. Making change: Dealing with relations between design and use. University of Oslo.
 
8
Clark, D. D. and Wilson, D. R. 1987. A comparison of commercial and military computer security policies. In Proceedings of the IEEE Symposium on Security and Privacy. 184--194.
 
9
Coulouris, G., Dollimore, J., and Roberts, M. 1998. Secure communication in non-uniform trust environments. In ECOOP Workshop on Distributed Object Security.
 
10
Cranor, L. and Garfinkel, S. 2005. Security and Usability. Designing Secure Systems That People Can Use. O'Reilly, Sebastopol, CA.
 
11
Department of Defense. 1985. Trusted computing evaluation criteria, National Computer Security Center. http://en.wikipedia.org/wiki/National_Computer_Security_Center
 
12
Dewan, P. and Shen, H. 1998a. Controlling access in multiuser interfaces. ACM Trans. Comput.-Hum. Interact. 5, 34--62.
 
13
Dewan, P. and Shen, H. 1998b. Flexible meta access-control for collaborative applications. In Proceedings of the ACM Conference on Computer Supported Cooperative Work (CSCW'98). 247--256.
 
14
Dewey, J. 1938. Logic: The Theory of Inquiry. Henry Holt and Company.
 
15
Dourish, P. 1993. Culture and control in a media space. In Proceedings of the European Conference on Computer-Supported Cooperative Work (ECSCW'93). Kluwer, 133--146.
 
16
Dourish, P. 2006. Implications for design. In Proceedings of the ACM Conference on Human Factors in Computing Systems (CHI'06). 541--550.
 
17
Dourish, P., Grinter, R., Delgado de la Flor, J., and Joseph, M. 2004. Security in the wild: User strategies for managing security as an everyday, practical problem. Personal Ubiq. Comput. 8, 391--401.
 
18
Dunne, A. and Raby, F. 2001. Design Noir: The Secret Life of Electronic Objects. Birkhäuser, Basel.
 
19
Edwards, K. 1996. Policies and roles in collaborative applications. In Proceedings of the ACM Conference on Computer-Supported Cooperative Work (CSCW'96). ACM Press, 11--20.
 
20
Ehn, P. 1990. Work-Oriented Design of Computer Artifacts. Lawrence Erlbaum Associates.
 
21
Ellis, C. A., Gibbs, S. J., and Rein, G. L. 1991. Groupware—Some issues and experiences. Comm. ACM 34, 38--58.
 
22
Ferraiolo, D. and Kuhn, R. 1992. Role-based access control. In Proceedings of the NIST- NSANational (USA) Computer Security Conference. 554--563.
 
23
Fuchs, L., Sohlenkamp, M., Genau, A., Kahler, H., Pfeifer, A., and Wulf, V. 1996. Transparenz in kooperativen prozessen; Der ereignisdienst in POLITeam. In Proceedings of the Herausforderung Telekooperation: Fachtagung Deutsche Computer Supported Cooperative Work. Springer, 3--16.
 
24
Gaver, W., Moran, T., McLaen, A., Lövstrand, L., Dourish, P., Carter, K., and Buxton, W. 1992. Realizing a video environment: EuroPARC's RAVE system. In Proceedings of the ACM SIGCHI Conference on Human Factors in Computing Systems (CHI'92). ACM Press, 27--35.
 
25
Greif, I. and Sarin, S. 1986. Data sharing in group work. In Proceedings of the 1st Conference on Computer-Supported Cooperative Work (CSCW). ACM Press, 175--183.
 
26
Grinter, R. and Palen, L. 2006. Chatting with teenagers: Considering the place of chat technologies in teen life. ACM Trans. Hum.-Comput. Interact. 13, 423--447.
 
27
Grinter, R. E. and Palen, L. 2002. Instant messaging in teen life. In Proceedings of the ACM Conference on Computer-Supported Cooperative Work. 21--30.
 
28
Gutwin, A. and Greenberg, S. 2002. A descriptive framework of workspace awareness for real-time groupware. Int. J. Comput.-Support. Coop. Work 11, 411--446.
 
29
Haake, J., Haake, A., Schümmer, T., Bourimi, M., and Landgraf, B. 2004. End-user controlled group formation and access rights management in a shared workspace system. In Proceedings of the ACM Conference on Computer-Supported Cooperative Work (CSCW'04). ACM Press, 554--563.
 
30
Heath, C. and Luff, P. 1991. Collaborative activity and technological design: Task coordination in London underground control rooms. In Proceedings of the European Conference on Computer- Supported Cooperative Work.
 
31
Hevner, A. R., March, S. T., Park, J., and Ram, S. 2004. Design science in information systems research. MIS Quart. 28, 75--105.
 
32
Kahler, H. 1996. Developing groupware with evolution and participation: A case study. In Proceedings of the Participatory Design Conference. 173--182.
 
33
Lampson, B. 1974. Proctection. ACM Oper. Syst. Rev. 8, 18--24.
 
34
Lampson, B. W. 2000. Computer security in the real world. In Proceedings of the Applied Computer Security Associates (ACSA) the 16th Annual Computer Security Applications Conference.
 
35
Nett, B. and Stevens, G. 2008. Business ethnography—Aktionsforschung als beitrag zu einer reflexiven technikgestaltung (Business ethnography—Action research as a contribution to a reflective technique development). In Science Theory and Design-Oriented Information Science. Institut für Wirtschaftsinformatik, Westfälische Wilhelms-Universität Münster, 48--68.
 
36
Neuwirth, C., Kaufer, D. S., Chandhok, R., and Morris, J. H. 1994. Computer support for distributed collaborative writing: Defining parameters of interaction. In Proceedings of the ACM Conference on Computer-Supported Cooperative Work (CSCW'94). ACM Press,145--152.
 
37
Nunamaker, J., Chen, M., and Purdin, T. D. M. 1991. Systems development in information systems research. J. Manage. Inform. Syst. 7, 89--106.
 
38
Oevermann, U., Allert, T., Konau, E., and Krambeck, J. 1979. Die methodologie einer, objektiven Hermeneutik' und ihre allgemeine forschungslogische bedeutung in den sozialwissenschaften. In Interpretative Verfahren in den Sozial- und Textwissenschaften, H.-G. Soeffner, Ed. Metzler, Stuttgart, 352--434.
 
39
Olson, J., Grudin, J., and Horvitz, E. 2005. A study of preferences for sharing and privacy. In Proceedings of the ACM Conference on Computer Human Interaction (CHI'05): Late Breaking Results: Short Papers. ACM Press, 1985--1988.
 
40
Padayachee, K., Eloff, J. H. P., and Sergot, M. 2007. Enhancing optimistic access controls with usage control. In Trust, Privacy and Security in Digital Business. Springer, Berlin, 75--82.
 
41
Palen, L. and Dourish, P. 2003. Unpacking privacy in a networked world. In Proceedings of the ACM Conference on Computer Human Interaction (CHI'03). ACM Press, 129--136.
 
42
Povey, D. 1999. Optimistic security: A new access control paradigm. In Proceedings of the Workshop on New Security Paradigms. ACM Press, 40--45.
 
43
Randall, D., Harper, R., and Rouncefield, M. 2007. Fieldwork for Design: Theory and Practice. Springer Verlag Gmbh.
 
44
Reichertz, J. 2004. Objective hermeneutics and hermeneutic sociology of knowledge. In Companion to Qualitative Research, U. Flick, Ed. Sage, London, 290--296.
 
45
Rissanen, E. and Firozabadi, B. S. 2006. Towards a mechanism for discretionary overriding of access control. In Security Protocols. Springer, Berlin, 312--319.
 
46
Rittel, H. and Webber, M. 1973. Dilemmas in a General Theory of Planning. Elsevier Scientific Publishing, Amsterdam.
 
47
Schmidt, K. 1991. Riding a tiger, Or computer supported cooperative work. In Proceedings of the 2nd European Conference on Computer-Supported Cooperative Work (ECSCW'91), L. Bannon et al., Eds. Kluwer Academic, Amsterdam, 1--16.
 
48
Schmidt, K. and Simone, C. 1996. Coordination mechanisms: Towards a conceptual foundation of CSCW systems design. Int. J. Comput.-Support. Coop. Work 5, 155--200.
 
49
Shalin, D. N. 1991. The pragmatic origins of symbolic interactionism and the crisis of classical science. Studies Symb. Interact. 11, 226--258.
 
50
Shen, H. and Dewan, P. 1992. Access control for collaborative environments. In Proceedings of the ACM Conference on Computer-Supported Cooperative Work. ACM Press, 51--58.
 
51
Sikkel, K. 1997. A group-based authorization model for computer-supported cooperative work. In Arbeitspapiere der GMD. GMD, Sankt Augustin.
 
52
Stevens, G., Quaisser, G., and Klann, M. 2006. Breaking it up: An industrial case study of componend-based tailorable software design. In End User Development, H. Liebermann et al., Eds. Springer, 269--294.
 
53
Stevens, G. and Wulf, V. 2002. A new dimension in access control: Studying maintenance engineering across organizational boundaries. In Proceedings of the ACM Conference on Computer-Supported Cooperative Work (CSCW'02). ACM Press, 196--205.
 
54
Stiemerling, O. and Wulf, V. 2000. Beyond 'yes or no'—Extending access control in groupware with awareness and negotiation. Group Decision Negotiation 9, 221--235.
 
55
Strauss, A. 1988. The articulation of project work: An organizational process. The Sociolog. Quart. 29.
 
56
Suchman, L. 1987. Plans and Situated Actions: The Problem of Human-Machine Communication. Cambridge University Press, Cambridge, UK.
 
57
Turing, A. 1950. Computing Machinery and Intelligence. Mind LIX, 433--460.
 
58
Winch, P. G. 1958. The Idea of a Social Science and its Relation to Philosophy. Routledge and Kegan Paul, London.
 
59
Wulf, V. 1995. Negotiability: Handling access to data in groupware. Behav. Inform. Technol. 14, 143--151.
 
60
Wulf, V. 1997a. Handling conflicts in groupware: Concepts and experiences made in the POLITeam project. In Proceedings of the Human Computer Interaction (INTERACT'97), S. H. Howard and J. Lindgaard, G., Eds. Chapman and Hall, 485--492.
 
61
Wulf, V. 1997b. Konfliktmanagement bei Groupware. Vieweg, Braunschweig.
 
62
Wulf, V. 1999. Conflicts and negotiation in multi-user applications. In Encyclopedia of Microcomputers, A. Kent and J. G. Williams, Eds. Marcel Dekker, New Basel, 63--88.
 
63
Wulf, V. and Hartmann, A. 1994. The ambivalence of networks' visibility in an organizational context. In NetWorking: Connecting Workers In and Between Organizations, A. Clement et al., Eds. North Holland, Amsterdam, 143--152.
 
64
Wulf, V., Pipek, V., and Pfeifer, A. 2001. Resolving function-based conflicts in groupware systems. Al. Society 15, 233--262.
 
65
Wulf, V. and Rohde, M. 1995. Towards an integrated organization and technology development. In Proceedings of the DIS'95. ACM Press, 55--64.
 
66
Wulf, V., Stiemerling, O., and Pfeifer, A. 1999. Tailoring groupware for different scopes of validity. Behav. Inform. Technol. 18, 199--212.

INDEX TERMS

Primary Classification:
  H. Information Systems
  H.5 INFORMATION INTERFACES AND PRESENTATION (I.7)
      H.5.3 Group and Organization Interfaces
          Subjects: Computer-supported cooperative work


General Terms:
Design, Performance


Keywords:
Access control, computer supported cooperative work field, coordination mechanism, critical design, ethnomethodology, study


The ACM Portal is published by the Association for Computing Machinery. Copyright © 2009 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player