Scholars@Duke

More than skin deep: Measuring effects of the underlying model on access-control system usability

Publication ,  Conference
Reeder, RW; Bauer, L; Cranor, LF; Reiter, MK; Vaniea, K
Published in: Conference on Human Factors in Computing Systems - Proceedings
January 1, 2011
Published version (DOI)

In access-control systems, policy rules conflict when they prescribe different decisions (ALLOW or DENY) for the same access. We present the results of a user study that demonstrates the significant impact of conflict-resolution method on policy-authoring usability. In our study of 54 participants, varying the conflict-resolution method yielded statistically significant differences in accuracy in five of the six tasks we tested, including differences in accuracy rates of up to 78%. Our results suggest that a conflict-resolution method favoring rules of smaller scope over rules of larger scope is more usable than the Microsoft Windows operating system's method of favoring deny rules over allow rules. Perhaps more importantly, our results demonstrate that even seemingly small changes to a system's semantics can fundamentally affect the system's usability in ways that are beyond the power of user interfaces to correct. Copyright 2011 ACM.

Duke Scholars

Michael Reiter
Author Michael Reiter Computer Science

Published In

Conference on Human Factors in Computing Systems - Proceedings

DOI

10.1145/1978942.1979243

Publication Date

January 1, 2011

Start / End Page

2065 / 2074

Related Subject Headings

  • 3507 Strategy, management and organisational behaviour
  • 1503 Business and Management
  • 1202 Building
 

Citation

APA
Chicago
ICMJE
MLA
NLM
Reeder, R. W., Bauer, L., Cranor, L. F., Reiter, M. K., & Vaniea, K. (2011). More than skin deep: Measuring effects of the underlying model on access-control system usability. In Conference on Human Factors in Computing Systems - Proceedings (pp. 2065–2074). https://doi.org/10.1145/1978942.1979243
Reeder, R. W., L. Bauer, L. F. Cranor, M. K. Reiter, and K. Vaniea. “More than skin deep: Measuring effects of the underlying model on access-control system usability.” In Conference on Human Factors in Computing Systems - Proceedings, 2065–74, 2011. https://doi.org/10.1145/1978942.1979243.
Reeder RW, Bauer L, Cranor LF, Reiter MK, Vaniea K. More than skin deep: Measuring effects of the underlying model on access-control system usability. In: Conference on Human Factors in Computing Systems - Proceedings. 2011. p. 2065–74.
Reeder, R. W., et al. “More than skin deep: Measuring effects of the underlying model on access-control system usability.” Conference on Human Factors in Computing Systems - Proceedings, 2011, pp. 2065–74. Scopus, doi:10.1145/1978942.1979243.
Reeder RW, Bauer L, Cranor LF, Reiter MK, Vaniea K. More than skin deep: Measuring effects of the underlying model on access-control system usability. Conference on Human Factors in Computing Systems - Proceedings. 2011. p. 2065–2074.

Published In

Conference on Human Factors in Computing Systems - Proceedings

DOI

10.1145/1978942.1979243

Publication Date

January 1, 2011

Start / End Page

2065 / 2074

Related Subject Headings

  • 3507 Strategy, management and organisational behaviour
  • 1503 Business and Management
  • 1202 Building