Authorisation in context: Incorporating context-sensitivity into an access control framework

Faily, S.; Lyle, J.; Fléchais, I.; Atzeni, A.; Cameroni, C.; Myrhaug, H.; Göker, A.; Kleinfeld, R.

doi:10.14236/ewic/hci2014.21

2014

Conference Paper

Abstract

With sensitive information about ourselves now distributed across personal devices, people need to make access control decisions for different contexts of use. However, despite advances in improving the usability of access control for both developers and users, we still lack insights about how the intentions behind policy decisions in different contexts of use are shaped. In this paper, we describe how context was incorporated into an access control framework using a study of how context influences access control decision making. We describe how the main recommendations arising from this study were used to build context into a policy editor for this access control framework.

Author(s)

Faily, S.

Lyle, J.

Fléchais, I.

Atzeni, A.

Cameroni, C.

Myrhaug, H.

Göker, A.

Kleinfeld, R.

Mainwork

HCI 2014 - sand, sea & sky, holiday HCI. Online resource

Conference

International Human Computer Interaction Conference (HCI) 2014

Options

Authorisation in context: Incorporating context-sensitivity into an access control framework