KNOW Why Your Access Was Denied: Regulating Feedback for Usable Security

机译：了解为什么您的访问被拒绝：调整反馈以获得可用的安全性

获取原文

获取原文并翻译 | 示例

页面导航

摘要
著录项
相似文献
相关主题

摘要

We examine the problem of providing useful feedback about access control decisions to users while controlling the disclosure of the system's security policies. Relevant feedback enhances system usability, especially in systems where permissions change in unpredictable ways depending on contextual information. However, providing feedback indiscriminately can violate the confidentiality of system policy. To achieve a balance between system usability and the protection of security policies, we present Know, a framework that uses cost functions to provide feedback to users about access control decisions. Know honors the policy protection requirements, which are represented as a meta-policy, and generates permissible and relevant feedback to users on how to obtain access to a resource. To the best of our knowledge, our work is the first to address the need for useful access control feedback while honoring the privacy and confidentiality requirements of a system's security policy.

机译：我们研究了在控制系统安全策略公开的同时向用户提供有关访问控制决策的有用反馈的问题。相关反馈可增强系统可用性，尤其是在权限根据上下文信息以无法预测的方式更改的系统中。但是，不加选择地提供反馈会违反系统策略的机密性。为了在系统可用性和安全策略保护之间取得平衡，我们提出了Know（知识）框架，该框架使用成本函数向用户提供有关访问控制决策的反馈。 Know尊重策略保护要求（表示为元策略），并就如何获得对资源的访问权向用户生成允许的相关反馈。据我们所知，我们的工作是第一个在满足系统安全策略的隐私和机密性要求的同时满足有用的访问控制反馈需求的工作。

著录项

来源
《Association for Computing Machinery(ACM) Conference on Computer and Communications Security(CS 2004); 20041025-29; Washington,DC(US)》|2004年|P.52-61|共10页
会议地点 WashingtonDC(US)
作者
Apu Kapadia; Geetanjali Sampemane; Roy H. Campbell;
展开▼
作者单位

Department of Computer Science University of Illinois at Urbana-Champaign Urbana, IL 61801;

展开▼
会议组织
原文格式 PDF
正文语种 eng
中图分类计算技术、计算机技术;
关键词
security; access control; policy protection; privacy; feedback; usability;

机译：安全;访问控制;策略保护;隐私;反馈;可用性;

相似文献

外文文献
中文文献
专利

1. Integrating Visual Mnemonics and Input Feedback With Passphrases to Improve the Usability and Security of Digital Authentication [J] . Juang Kevin, Greenstein Joel Human Factors . 2018,第5期

机译：将视觉助记符和输入反馈与密码短语集成在一起，以提高数字身份验证的可用性和安全性
2. A usability study of a critical man–machine interface: Can layperson responders perform optimal compression rates when using a public access defibrillator with automated real-time feedback during cardiopulmonary resuscitation? [J] . Hannah Torney, Peter OHare, Laura Davis, Human-Machine Systems, IEEE Transactions on . 2016,第5期

机译：对关键的人机界面的可用性研究：当在心肺复苏过程中使用带有自动实时反馈的公共除颤器时，外行应答者能否执行最佳压缩率？
3. Mobile Access to ClinicalConnect: A User Feedback Survey on Usability, Productivity, and Quality [J] . Bell Raj Eapen MD MSc, Barbara Chapman BSc JMIR mHealth and uHealth . 2015,第2期

机译：移动访问ClinicalConnect：关于可用性，生产率和质量的用户反馈调查
4. KNOW Why Your Access Was Denied: Regulating Feedback for Usable Security [C] . Apu Kapadia, Geetanjali Sampemane, Roy H. Campbell Association for Computing Machinery Conference on Computer and Communications Security . 2004

机译：了解为什么您的访问被拒绝：调节可用安全性的反馈
5. Access denied: Overcoming barriers to adoption and implementation of web accessibility. [D] . Farrelly, Glen. 2010

机译：拒绝访问：克服采用和实施Web可访问性的障碍。
6. Access Denied Science Denied [O] . Wendy Chavkin 2004

机译：访问被拒绝科学被拒绝
7. Know Why Your Access Was Denied: Regulating Feedback for Usable Security [O] . Kapadia Apu C., Sampemane Geetanjali 2004

机译：知道为什么拒绝访问：调整可用安全性的反馈

KNOW Why Your Access Was Denied: Regulating Feedback for Usable Security

摘要

著录项

相似文献

相关主题

期刊订阅