Usability of Decentralized Authorization Systems - A Comparative Study

@inproceedings{citeulike:559263, abstract = {One new type of a security system is a decentralized authorization system that allows an owner of a resource to decide who can use this resource - even without trust towards external third parties. The idea itself is fascinating, but how about its usability? Security systems are generally considered to be difficult to understand and use. This paper compares the usability features and problems of three decentralized authorization systems: PolicyMaker, KeyNote and SPKI/SDSI. The analysis is based on the Heuristic Evaluation and Cognitive Walkthrough usability test methods. The analysis suggests that approaches of public key infrastructure type, such as the SPKI/SDSI authorization system, have the best usability features but even then the current state of the art is far from the end-user requirements. Designing and measuring usability of these systems is hard, complicated by the fact that security is only a means to achieve the user goal, not the goal as such.}, author = {Liimatainen, S. }, citeulike-article-id = {559263}, journal = {System Sciences, 2005. HICSS '05. Proceedings of the 38th Annual Hawaii International Conference on}, keywords = {access, authorization, control, usability}, pages = {186b}, posted-at = {2007-07-31 22:46:35}, priority = {2}, title = {Usability of Decentralized Authorization Systems - A Comparative Study}, url = {http://ieeexplore.ieee.org/xpls/abs\_all.jsp?arnumber=1385613}, year = {2005} }

TY - CONF ID - citeulike:559263 L3 - citeulike-article-id:559263 N2 - One new type of a security system is a decentralized authorization system that allows an owner of a resource to decide who can use this resource - even without trust towards external third parties. The idea itself is fascinating, but how about its usability? Security systems are generally considered to be difficult to understand and use. This paper compares the usability features and problems of three decentralized authorization systems: PolicyMaker, KeyNote and SPKI/SDSI. The analysis is based on the Heuristic Evaluation and Cognitive Walkthrough usability test methods. The analysis suggests that approaches of public key infrastructure type, such as the SPKI/SDSI authorization system, have the best usability features but even then the current state of the art is far from the end-user requirements. Designing and measuring usability of these systems is hard, complicated by the fact that security is only a means to achieve the user goal, not the goal as such. JF - System Sciences, 2005. HICSS '05. Proceedings of the 38th Annual Hawaii International Conference on EP - 186b TI - Usability of Decentralized Authorization Systems - A Comparative Study SP - 186b KW - access KW - authorization KW - control KW - usability AU - Liimatainen, S PY - 2005/// UR - http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=1385613 ER -