Chameleon: Towards Usable RBAC
A. Chris Long, Courtney Moskowitz, Greg Ganger
ECE Department, Carnegie Mellon University

Problem: Malware
- Malware: viruses, trojan horses, worms, etc.
- Current approaches are inadequate
- Few address typical home user
- Malware enabler: all software has permission to do everything

Problem: Higher Level View
- The computer is too ignorant
- Are these secure?
  - format c:  (Prepare for reinstall / Trojan horse)
  - cp confidential-info /mnt/floppy  (Transfer btwn. work & home / Theft of trade secrets)
- Can we get users to tell the computer more about what’s allowable?

Project Inspiration
- People understand physical access
  - Different access at home for plumbers vs. accountant
- What about file access control?
  - Answer: too fine-grained, rarely used
- Few people can manage fine-grained security (e.g., file permissions)
- Can we improve de facto security with coarse-grained security?

Chameleon: Coarse-grained Security
- Partition computer into “roles”, e.g.:
  - Vault
  - Communication
  - Internet
  - Testing
  - System
- Each app confined to its own role
- Can we make this model usable?

Outline
- Introduction
- Related Work
- Chameleon
- User Studies
- Discussion, Future Work, & Conclusions

Related Work
- HCISEC
  - Security usability [Whitten & Tygar 1999]
  - Design guidelines [Yee 2002]
  - WindowBox [Balfanz & Simon 2000]
- HCI
  - Desktop info organization [Barreau & Nardi 1995]
  - WorkspaceMirror [Boardman 2002]

Related Work (cont’d)
- Security models
  - Compartmented mode workstation [Berger, et al 1990]
  - Role-based access control [Ferraiolo & Kuhn 1992]
  - Sandboxing [Schmid, et al 2002]

Chameleon Research agenda
- Interface design
  - Awareness
  - Control
  - Usability vs. and security
  - File organization synergy
- Software design

Usable Role Management
- Target audience: typical home computer user
- Key properties
  - Intelligible
  - Convenient
- Key tasks
  - Switching roles
  - Moving data & files across roles
“Plan to throw the first one away. You will, anyway.” — Fred Brooks

Paper Prototype
[Figure: paper prototype. Labels: Security manager, Personal files, Comm. app., Unsafe app.]

Outline
- Introduction
- Related Work
- Chameleon
- User Studies
  - Security in Context
  - Security Mechanisms
  - Software prototype
- Discussion, Future Work, & Conclusions

User Study 1: Security In Context
- Goals
  - Observe ease of use of security features in realistic task
  - Explicit vs. implicit role switching
- Results
  - Positive opinions about roles
  - Interface implications
    - Changed to single clipboard model
    - Keep implicit role switching
    - Keep plan for role customization

User Study 2: Security Interface Mechanisms
- Goals
  - Evaluate desktop display options
  - Evaluate methods for security operations
- Result summary
  - Generally positive: 5/6 would use interface
  - Opinion divided on desktop icon display
  - Liked drag and drop
“I wish some of [your] designs…would be common practice amongst big leading software companies.” — An enthusiastic participant

Software Prototype
[Figure: software prototype. Labels: Internet app., Testing app., Comm. apps.]

Study 3: Software Prototype
- Goals
  - Continue usability evaluation
  - Investigate appropriate feedback levels
    - 3 levels: minimal, animated, dialog box
    - Issues: subjective impact, prevent being tricked
- Results
  - No quantitative effect of feedback on being tricked
  - Few participants caught tricks
  - Overall positive view of Chameleon
  - Security concerns generally correlated with positive views of Chameleon

Discussion
- Chameleon lessons
  - Make UI role-aware (file dialog)
  - Eliminate “active” role
  - Role purposes must be clear
  - Add “Neutral” or “Default” role
  - Make indicators active (Security Manager)
  - Need better role awareness
- HCISEC evaluation
  - Laboratory setting ill-suited for evaluation of interaction with “normal” tasks

Future Work
- Chameleon development
  - Improve UI design
  - Implement prototype usable by real apps
  - Deploy Chameleon for daily use
- Continue investigation of
  - Security awareness & control
  - Software architecture for security

Future Work (cont’d)
Where to implement (Level: Pro / Con)
- Operating System: Pro: Single implementation / Con: No context information
- Applications: Pro: Context available / Con: Multiple impls.
- Toolkit: Pro: Some context available; Single (or few) implementations / Con: Right abstractions unknown

Conclusions
- Chameleon work in progress
- HCISEC UI design issues
- Software architecture
- HCISEC evaluation
- Usable RBAC seems feasible

<= 0.5-baked Idea
- Problem: How to run software with less than all permissions?
- Solution: Attach trust/authority/permission to user action (capability)
- Propagate capability
  - Starts at input device
  - To OS, to toolkit, to application

Thank You
chrislong@acm.org
http://www.cs.cmu.edu/~chrisl
(1 spot in my car for a short person)