Sciweavers

SOUPS
2006
ACM

Intentional access management: making access control usable for end-users

14 years 5 months ago
Intentional access management: making access control usable for end-users
The usability of access control mechanisms in modern distributed systems has been widely criticized but little studied. In this paper, we carefully examine one such widely deployed access control mechanism, the one embedded in the WebDAV standard, from the point-of-view of an end-user trying to decide how to grant or deny access to some resource to a third party. This analysis points to problems with the conceptual usability of the system. Significant effort is required on the part of the user to determine how to implement the desired access rules; the user, however, has low interest and expertise in this task, given that such access management actions are almost always secondary to the collaborative task at hand. The analysis does however indicate a possible solution: to recast the access control puzzle as a decision support problem in which user intentions (i.e. the descriptions of desired system outputs) are interpreted by an access mediator that either automatically or semi-automa...
Xiang Cao, Lee Iverson
Added 14 Jun 2010
Updated 14 Jun 2010
Type Conference
Year 2006
Where SOUPS
Authors Xiang Cao, Lee Iverson
Comments (0)