ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
User-centered security
Full text PdfPdf (882 KB)
Source New Security Paradigms Workshop archive
Proceedings of the 1996 workshop on New security paradigms table of contents
Lake Arrowhead, California, United States
Pages: 27 - 33  
Year of Publication: 1996
ISBN:0-89791-944-0
Authors
Mary Ellen Zurko  The Open Group Research Institute, Eleven Cambridge Center, Cambridge, MA
Richard T. Simon  The Open Group Research Institute, Eleven Cambridge Center, Cambridge, MA
Sponsor
SIGSAC: ACM Special Interest Group on Security, Audit, and Control
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 16,   Downloads (12 Months): 126,   Citation Count: 31
Additional Information:

references   cited by   index terms   collaborative colleagues  

Tools and Actions: Review this Article  
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/304851.304859
What is a DOI?

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

1
Tim Berners-Lee , Robert Cailliau , Ari Luotonen , Henrik Frystyk Nielsen , Arthur Secret, The World-Wide Web, Communications of the ACM, v.37 n.8, p.76-82, Aug. 1994  [doi>10.1145/179606.179671]
 
2
Baldwin, Robert W. "'Naming and Grouping Privileges to Simplify Security", in Proceedings of the 1990 IEEE Symposium on Security and Privacy, pages 116-132, 1990
 
3
Bell, D. E. and L. J. LaPadula. Secure Computer Systems: Unified Exposition and Multics, Technical Report ESD-TR-75-306, The MITRE Corp., March 1976.
 
4
Matt Blaze , Joan Feigenbaum , Jack Lacy, Decentralized Trust Management, Proceedings of the 1996 IEEE Symposium on Security and Privacy, p.164, May 06-08, 1996
 
5
Clark, David D. and David R. Wilson. "A Comparison of Commercial and Military Computer Security Policies", in Proceedings of the 1987 IEEE Symposium on Security and Privacy, pages 184-195, April 1987.
 
6
Clement, Andrew, "'Privacy Considerations in CSCW;' in Proceedings of CSCW '92.
 
7
DCE-Web home page, http://www.osf.org/www/ dceweb/index.html
 
8
Digital Equipmem Corporation. Visual ACL Editor Online Help. Available: Digital Equipment Corporation, Littleton, MA. 1995.
 
9
Ferraio|o, Janet A. Cugini, and D. Richard Kuhn, "Role- Based Access Control (RBAC): Features and Motivation," in Proceedings of Eleventh Annual Computer Security Applications Conference, December 11-15, 1995.
10
Robert S. Fish , Robert E. Kraut, Networking for collaboration: video telephony and media conferencing, Conference companion on Human factors in computing systems, p.375-376, April 24-28, 1994, Boston, Massachusetts, United States  [doi>10.1145/259963.260511]
 
11
S. N. Foley , J. Jacob, Specifying security for CSCW systems, Proceedings of the The Eighth IEEE Computer Security Foundations Workshop (CSFW '95), p.136, March 13-15, 1995
 
12
Simson Garfinkel , Deborah Russell, PGP: Pretty Good Privacy, O'Reilly & Associates, Inc., Sebastopol, CA, 1996
 
13
Morrie Gasser, Building a secure computer system, Van Nostrand Reinhold Co., New York, NY, 1988
14
Will Hill , Laren Terveen, New uses and abuses of interaction hhistory: help form the research agenda, Conference companion on Human factors in computing systems, p.472, April 24-28, 1994, Boston, Massachusetts, United States  [doi>10.1145/259963.260506]
 
15
Karat, Clare-Marie. "Iterative Usability Testing of a Security Application:' Proceedings of the Human Factors Society 33rd Annual Meeting, 1989.
16
Rob Kling , Andy Hopper , James Katz, Controversies about privacy and open information in CSCW, Proceedings of the 1992 ACM conference on Computer-supported cooperative work, p.15, November 01-04, 1992, Toronto, Ontario, Canada  [doi>10.1145/143457.371594]
 
17
Lewontin, S. "The DCE-Web: Securing the Enterprise Web," http://www.osf.org/www/dceweb/papers/ Secure_Enterprise.html, 1995.
 
18
Linn, J. "Privacy-Enhanced Electronic Mail: From Architecture to Implementation", in Proceedings, IFIP TC11 Seventh International Conference on Information Security (IFIP/Sec '91), Brighton, UK, 15-17 May 1991.
 
19
Nash, M. and Poland, K., "Some Conundrums Concerning Separation of Duty," in Proceedings of 1990 IEEE Symposium on Security and Privacy, May 1990.
 
20
Norman, Donald A., '~i'he Design of Everyday Things", Doubleday, 1988.
 
21
Mosteller, William S. and James Ballas. "Usability Analysis of Messages from a Security System," Proceedings of the Human Factors Society 33rd Annual Meeting, 1989.
 
22
Jakob Nielsen, Usability Engineering, Morgan Kaufmann Publishers Inc., San Francisco, CA, 1995
 
23
Ward Rosenberry , David Kenney , Gerry Fisher, Understanding DCE, O'Reilly & Associates, Inc., Sebastopol, CA, 1992
 
24
Richard Rubinstein , Harry Hersh, Human Factor: Designing Computer Systems for People, Butterworth-Heinemann, Newton, MA, 1990
 
25
Saltzer, Jerome H. and Michael D. Schroeder. "The Protection of Information in Computer Systems", in Proceedings of the IEEE, 63(9), 1975.
26
HongHai Shen , Prasun Dewan, Access control for collaborative environments, Proceedings of the 1992 ACM conference on Computer-supported cooperative work, p.51-58, November 01-04, 1992, Toronto, Ontario, Canada  [doi>10.1145/143457.143461]
27
Dennis Wixon , Karen Holtzblatt , Stephen Knox, Contextual design: an emergent view of system design, Proceedings of the SIGCHI conference on Human factors in computing systems: Empowering people, p.329-336, April 01-05, 1990, Seattle, Washington, United States  [doi>10.1145/97243.97304]
 
28
Zurko, Mary Ellen. "Attribute Support for Inter-Domain Use", in Proceedings of The Computer Security Foundations Workshop V, June 1992.
 
29
Zurko, Mary Ellen. Adage home page, http:il www.osf.org/www/adage/index.html.
 
30
Zurko, Mary Ellen. MAP home page, http:// www.osf.org/www/map/index.html.

CITED BY  31
D. Thomsen , R. O'Brien , C. Payne, Napoleon: network application policy environment, Proceedings of the fourth ACM workshop on Role-based access control, p.145-152, October 28-29, 1999, Fairfax, Virginia, United States
Clifford Kahn, Tolerating penetrations and insider attacks by requiring independent corroboration, Proceedings of the 1998 workshop on New security paradigms, p.122-133, September 22-26, 1998, Charlottesville, Virginia, United States
Batya Friedman , David Hurley , Daniel C. Howe , Edward Felten , Helen Nissenbaum, Users' conceptions of web security: a comparative study, CHI '02 extended abstracts on Human factors in computing systems, April 20-25, 2002, Minneapolis, Minnesota, USA
Paul Dourish , David Redmiles, An approach to usable security based on event monitoring and visualization, Proceedings of the 2002 workshop on New security paradigms, September 23-26, 2002, Virginia Beach, Virginia
D. K. Smetters , R. E. Grinter, Moving from the design of usable security technologies to the design of useful secure applications, Proceedings of the 2002 workshop on New security paradigms, September 23-26, 2002, Virginia Beach, Virginia
Tara Whalen , Diana Smetters , Elizabeth F. Churchill, User experiences with sharing and access control, CHI '06 extended abstracts on Human factors in computing systems, April 22-27, 2006, Montréal, Québec, Canada
Trent Jaeger , Frederique Giraud , Nayeem Islam , Jochen Liedtke, A role-based access control model for protection domain derivation and management, Proceedings of the second ACM workshop on Role-based access control, p.95-106, November 06-07, 1997, Fairfax, Virginia, United States
Sang H. Son , Ravi Mukkamala , Rasikan David, Integrating Security and Real-Time Requirements Using Covert Channel Capacity, IEEE Transactions on Knowledge and Data Engineering, v.12 n.6, p.865-879, November 2000
Dirk Weirich , Martina Angela Sasse, Pretty good persuasion: a first step towards effective password security in the real world, Proceedings of the 2001 workshop on New security paradigms, September 10-13, 2001, Cloudcroft, New Mexico
Apu Kapadia , Geetanjali Sampemane , Roy H. Campbell, KNOW Why your access was denied: regulating feedback for usable security, Proceedings of the 11th ACM conference on Computer and communications security, October 25-29, 2004, Washington DC, USA
Haidong Xia , José Carlos Brustoloni, Hardening Web browsers against man-in-the-middle and eavesdropping attacks, Proceedings of the 14th international conference on World Wide Web, May 10-14, 2005, Chiba, Japan
Rogério de Paula , Xianghua Ding , Paul Dourish , Kari Nies , Ben Pillet , David Redmiles , Jie Ren , Jennifer Rode , Roberto Silva Filho, Two experiences designing for effective security, Proceedings of the 2005 symposium on Usable privacy and security, p.25-34, July 06-08, 2005, Pittsburgh, Pennsylvania
Rogério de Paula , Xianghua Ding , Paul Dourish , Kari Nies , Ben Pillet , David F. Redmiles , Jie Ren , Jennifer A. Rode , Roberto Silva Filho, In the eye of the beholder: a visualization-based approach to information system security, International Journal of Human-Computer Studies, v.63 n.1-2, p.5-24, July 2005
Roy A. Maxion , Robert W. Reeder, Improving user-interface dependability through mitigation of human error, International Journal of Human-Computer Studies, v.63 n.1-2, p.25-50, July 2005
Bruce Beckles , Von Welch , Jim Basney, Mechanisms for increasing the usability of grid security, International Journal of Human-Computer Studies, v.63 n.1-2, p.74-101, July 2005
Ghi Paul Im , Richard L. Baskerville, A longitudinal study of information system threat categories: the enduring problem of human error, ACM SIGMIS Database, v.36 n.4, p.68-79, Fall 2005
Krithi Ramamritham , Sang H. Son , Lisa Cingiser Dipippo, Real-Time Databases and Data Services, Real-Time Systems, v.28 n.2-3, p.179-215, November-December 2004
Alexander J. DeWitt , Jasna Kuljis, Aligning usability and security: a usability study of Polaris, Proceedings of the second symposium on Usable privacy and security, July 12-14, 2006, Pittsburgh, Pennsylvania
Xiang Cao , Lee Iverson, Intentional access management: making access control usable for end-users, Proceedings of the second symposium on Usable privacy and security, July 12-14, 2006, Pittsburgh, Pennsylvania
Doroteo T. Toledano , Rubén Fernández Pozo , Álvaro Hernández Trapote , Luis Hernández Gómez, Usability evaluation of multi-modal biometric verification systems, Interacting with Computers, v.18 n.5, p.1101-1122, September, 2006
Rebecca E. Grinter , Leysia Palen , Margery Eldridge, Chatting with teenagers: Considering the place of chat technologies in teen life, ACM Transactions on Computer-Human Interaction (TOCHI), v.13 n.4, p.423-447, December 2006
Ray Spencer , Stephen Smalley , Peter Loscocco , Mike Hibler , David Andersen , Jay Lepreau, The flask security architecture: system support for diverse security policies, Proceedings of the 8th conference on USENIX Security Symposium, p.11-11, August 23-26, 1999, Washington, D.C.
Giovanni Iachello , Jason Hong, End-user privacy in human-computer interaction, Foundations and Trends in Human-Computer Interaction, v.1 n.1, p.1-137, January 2007
E. Bardram, The trouble with login: on usability and computer security in ubiquitous computing, Personal and Ubiquitous Computing, v.9 n.6, p.357-367, November 2005
Ryan West, The psychology of security, Communications of the ACM, v.51 n.4, p.34-40, April 2008
David Botta , Rodrigo Werlinger , André Gagné , Konstantin Beznosov , Lee Iverson , Sidney Fels , Brian Fisher, Towards understanding IT security professionals and their tools, Proceedings of the 3rd symposium on Usable privacy and security, July 18-20, 2007, Pittsburgh, Pennsylvania
Paul Dourish , E. Grinter , Jessica Delgado de la Flor , Melissa Joseph, Security in the wild: user strategies for managing security as an everyday, practical problem, Personal and Ubiquitous Computing, v.8 n.6, p.391-401, November 2004
Steven J. Greenwald, E-Prime for security: a new security paradigm, Proceedings of the 2006 workshop on New security paradigms, September 19-22, 2006, Germany
Ivan Flechais , M. Angela Sasse, Stakeholder involvement, motivation, responsibility, communication: How to design usable security in e-Science, International Journal of Human-Computer Studies, v.67 n.4, p.281-296, April, 2009
Serge Egelman , A.J. Bernheim Brush , Kori M. Inkpen, Family accounts: a new paradigm for user accounts within the home environment, Proceedings of the ACM 2008 conference on Computer supported cooperative work, November 08-12, 2008, San Diego, CA, USA
D. K. Smetters , Nathan Good, How users use access control, Proceedings of the 5th Symposium on Usable Privacy and Security, July 15-17, 2009, Mountain View, California

INDEX TERMS

Primary Classification:
  K. Computing Milieux
  K.6 MANAGEMENT OF COMPUTING AND INFORMATION SYSTEMS

Additional Classification:
  D. Software
  D.4 OPERATING SYSTEMS

  H. Information Systems
  H.5 INFORMATION INTERFACES AND PRESENTATION (I.7)


General Terms:
Design, Human Factors, Management, Security


Keywords:
authorization, security, user-centered

Collaborative Colleagues:
Mary Ellen Zurko: colleagues
Richard T. Simon: colleagues

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2009 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player