Issue No.04 - July/August (2010 vol.8)
Sara Sinclair , Dartmouth College
Sean W. Smith , Dartmouth College
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MSP.2010.139
This article enumerates some simplifying assumptions the security community has made in its effort to gain traction with the access control problem. For many environments, a dramatic and painful mismatch seems to exist between these simplifying assumptions and reality. The authors argue that effective security in these environments might therefore require rethinking these assumptions.
access control, policy, least privilege, usable security.
Sara Sinclair, Sean W. Smith, "What's Wrong with Access Control in the Real World?", IEEE Security & Privacy, vol.8, no. 4, pp. 74-77, July/August 2010, doi:10.1109/MSP.2010.139