Authorisation in context: Incorporating context-sensitivity into an access control framework

Faily S., Lyle J., Fléchais I., Atzeni A., Cameroni C., Myrhaug H., ...Daha Fazla

28th International BCS Human Computer Interaction Conference: Sand, Sea and Sky - Holiday HCI, HCI 2014, Southport, İngiltere, 9 - 12 Eylül 2014, ss.189-194, (Tam Metin Bildiri) identifier

  • Yayın Türü: Bildiri / Tam Metin Bildiri
  • Doi Numarası: 10.14236/ewic/hci2014.21
  • Basıldığı Şehir: Southport
  • Basıldığı Ülke: İngiltere
  • Sayfa Sayıları: ss.189-194
  • Anahtar Kelimeler: Access control, Affinity diagram, HCI-security, Policy
  • Çanakkale Onsekiz Mart Üniversitesi Adresli: Hayır

Özet

With sensitive information about ourselves now distributed across personal devices, people need to make access control decisions for different contexts of use. However, despite advances in improving the usability of access control for both developers and users, we still lack insights about how the intentions behind policy decisions in different contexts of use are shaped. In this paper, we describe how context was incorporated into an access control framework using a study of how context influences access control decision making. We describe how the main recommendations arising from this study were used to build context into a policy editor for this access control framework.