We examine the problem of providing useful feedback about access control decisions to users while controlling the disclosure of the system's security policies. Relevant feedback enhances system usability, especially in systems where permissions change in unpredictable ways depending on contextual information. However, providing feedback indiscriminately can violate the confidentiality of system policy. To achieve a balance between system usability and the protection of security policies, we present Know, a framework that uses cost functions to provide feedback to users about access control decisions. Know honors the policy protection requirements, which are represented as a meta-policy, and generates permissible and relevant feedback to users on how to obtain access to a resource. To the best of our knowledge, our work is the first to address the need for useful access control feedback while honoring the privacy and confidentiality requirements of a system's security policy.