Sciweavers

CHI
2009
ACM

Real life challenges in access-control management

15 years 2 days ago
Real life challenges in access-control management
In this work we ask the question: what are the challenges of managing a physical or file system access-control policy for a large organization? To answer the question, we conducted a series of interviews with thirteen administrators who manage access-control policy for either a file system or a physical space. Based on these interviews we identified three sets of real-world requirements that are either ignored or inadequately addressed by technology: 1) policies are made/implemented by multiple people; 2) policy makers are distinct from policy implementers; and 3) access-control systems don't always have the capability to implement the desired policy. We present our interview results and propose several possible solutions to address the observed issues. Author Keywords Access control, policy creation ACM Classification Keywords D.4.6 Security and protection, K.4.3 OrganizationalImpacts, K.6.5 Authentication
Lujo Bauer, Lorrie Faith Cranor, Robert W. Reeder,
Added 24 Nov 2009
Updated 24 Nov 2009
Type Conference
Year 2009
Where CHI
Authors Lujo Bauer, Lorrie Faith Cranor, Robert W. Reeder, Michael K. Reiter, Kami Vaniea
Comments (0)