Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
SP
1999
IEEE
1999
IEEE
A User-Centered, Modular Authorization Service Built on an RBAC Foundation
Psychological acceptability has been mentioned as a requirement for secure systems for as long as least privilege and fail safe defaults, but until now has been all but ignored in the actual design of secure systems. We place this principle at the center of our design for Adage, an authorization service for distributed applications. We employ usability design techniques to specify and test the features of our authorization language and the corresponding administrative GUI. Our testing results reinforce our initial design center and suggest directions for deployment of our authorization services. A modular architecture allows us to experiment with our design during short term integration, and evolve it for longer term exploration. An RBAC foundation enables coherent design of flexible authorization constraints and queries. We discuss lessons learned from the implementation of this service through a planned deployment in a context that must balance new research in risk management with d...
Real-time Traffic| Added | 04 Aug 2010 |
| Updated | 04 Aug 2010 |
| Type | Conference |
| Year | 1999 |
| Where | SP |
| Authors | Mary Ellen Zurko, Richard Simon, Tom Sanfilippo |
Comments (0)
Researcher Info
|
