'R-What?' Development of a role-based access control policy-writing tool for e-Scientists

نویسندگان

  • Sacha Brostoff
  • M. Angela Sasse
  • David W. Chadwick
  • Jim Cunningham
  • Uche M. Mbanaso
  • Sassa Otenko
چکیده

An access control policy writing tool for the PERMIS role-based privileges management infrastructure was iteratively developed employing usability principles and techniques. Expert and intermediate users’ efficiency in policy creation was improved. Three novice users took part in a usability trial with the first prototype, attempting to recreate a simple policy in 15 minutes that had been specified in plain English. The participants had not properly understood the labelling of buttons or fields in the interface, and so experienced difficulty in breaking down the policy into components and identifying parts of the application to put them in. The non-specialists found it challenging to express access policy effectively because their concept of it did not match what was presented to them on screen. Bubble help and alert boxes were expanded and made more prescriptive to guide their actions without impacting expert users’ efficiency. Conceptual design techniques were used to revise the labels based on potential users’ descriptions of RBAC. A questionnaire study showed improved label intuitiveness (t=6.28, df=7, p=.000 two tailed): e-Scientists and developers were better able to describe access policy components from labels, and match labels with components. This project has successfully developed an access control tool to improve security specialists’ productivity and improve the wider e-Science community’s access to a flexible security infrastructure.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Enforcing RBAC Policies over Data Stored on Untrusted Server (Extended Version)

One of the security issues in data outsourcing is the enforcement of the data owner’s access control policies. This includes some challenges. The first challenge is preserving confidentiality of data and policies. One of the existing solutions is encrypting data before outsourcing which brings new challenges; namely, the number of keys required to access authorized resources, efficient policy u...

متن کامل

Analysis of the Impact of Economic Sanctions on Health Research and Publication Activities of Scientists from Iran

The article discusses the publication activity of scientists in the field of studying the consequences of US economic sanctions against Iran, and their impact on the development of science and the economy in this countries. The paper considers the dynamics of publication activity in the field of biomedicine of Iranian scientists over the past 20 years. Increased sanctions have led to a shortage...

متن کامل

Attribute-based Access Control for Cloud-based Electronic Health Record (EHR) Systems

Electronic health record (EHR) system facilitates integrating patients' medical information and improves service productivity. However, user access to patient data in a privacy-preserving manner is still challenging problem. Many studies concerned with security and privacy in EHR systems. Rezaeibagha and Mu [1] have proposed a hybrid architecture for privacy-preserving accessing patient records...

متن کامل

A semantic-aware role-based access control model for pervasive computing environments

Access control in open and dynamic Pervasive Computing Environments (PCEs) is a very complex mechanism and encompasses various new requirements. In fact, in such environments, context information should be used in access control decision process; however, it is not applicable to gather all context information completely and accurately all the time. Thus, a suitable access control model for PCEs...

متن کامل

Investigating the Role of the City of Anbar in the Development and Transmission of the Arabic Writing

Anbar is a city with a civilizational background and a strategic position among the three Sassanian, Syriac and Greek civilizations, enjoying many privileges. In the Islamic era, it was adjacent to the Umayyad majestic Damascus, the magnificent Baghdad of the Abbasid and Kufa, and the first stronghold of the Muslis' city. The shadow of the greatness of the adjacent areas has always affected Anb...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:
  • Softw., Pract. Exper.

دوره 35  شماره 

صفحات  -

تاریخ انتشار 2005