Towards Usable Application-Oriented Access Controls: Qualitative Results from a Usability Study of SELinux, AppArmor and FBAC-LSM
暂无分享,去创建一个
Christian Payne | Z. Cliffe Schreuders | Tanya McGill | T. McGill | Z. Schreuders | Christian N. Payne
[1] Alan H. Karp,et al. Polaris: virus-safe computing for Windows XP , 2006, CACM.
[2] Mary Ellen Zurko,et al. A user-centered, modular authorization service built on an RBAC foundation , 1999, Proceedings of the 1999 IEEE Symposium on Security and Privacy (Cat. No.99CB36344).
[3] Toshihiro Yamauchi,et al. SEEdit: SELinux Security Policy Configuration System with Higher Level Language , 2009, LISA.
[4] Christian Payne,et al. Techniques for Automating Policy Specification for Application-oriented Access Controls , 2011, 2011 Sixth International Conference on Availability, Reliability and Security.
[5] Clare-Marie Karat,et al. Usable Policy Template Authoring for Iterative Policy Refinement , 2010, 2010 IEEE International Symposium on Policies for Distributed Systems and Networks.
[6] Jasna Kuljis,et al. Aligning usability and security: a usability study of Polaris , 2006, SOUPS '06.
[7] Christian Payne,et al. Functionality-based Application Confinement - Parameterised Hierarchical Application Restrictions , 2008, SECRYPT.
[8] Xiang Cao,et al. Intentional access management: making access control usable for end-users , 2006, SOUPS '06.
[9] Kirstie Hawkey,et al. Do windows users follow the principle of least privilege?: investigating user account control practices , 2010, SOUPS.
[10] Lujo Bauer,et al. Expandable grids for visualizing and authoring computer security policies , 2008, CHI.
[11] Clare-Marie Karat,et al. An empirical study of natural language parsing of privacy policy rules using the SPARCLE policy workbench , 2006, SOUPS '06.
[12] John Karat,et al. Privacy in information technology: Designing to enable privacy policy management in organizations , 2005, Int. J. Hum. Comput. Stud..
[13] Christian Payne,et al. Empowering End Users to Confine Their Own Applications: The Results of a Usability Study Comparing SELinux, AppArmor, and FBAC-LSM , 2011, TSEC.
[14] Jerome H. Saltzer,et al. The protection of information in computer systems , 1975, Proc. IEEE.
[15] Christian Payne,et al. Reusability of Functionality-Based Application Confinement Policy Abstractions , 2008, ICICS.
[16] Phil Kearns,et al. Domain and Type Enforcement for Linux , 2000, Annual Linux Showcase & Conference.
[17] J. Doug Tygar,et al. Why Johnny Can't Encrypt: A Usability Evaluation of PGP 5.0 , 1999, USENIX Security Symposium.
[18] Wayne Salamon,et al. Implementing SELinux as a Linux Security Module , 2003 .
[19] Frank Hill,et al. Protecting data from malicious software , 2002, 18th Annual Computer Security Applications Conference, 2002. Proceedings..
[20] Crispin Cowan,et al. Linux security modules: general security support for the linux kernel , 2002, Foundations of Intrusion Tolerant Systems, 2003 [Organically Assured and Survivable Information Systems].
[21] Ian Goldberg,et al. A Secure Environment for Untrusted Helper Applications ( Confining the Wily Hacker ) , 1996 .
[22] Simson L. Garfinkel,et al. Security and Usability , 2005 .
[23] Clare-Marie Karat,et al. Usability Challenges in Security and Privacy Policy-Authoring Interfaces , 2007, INTERACT.
[24] Mary Ellen Zurko,et al. User-centered security , 1996, NSPW '96.
[25] Jason Nieh,et al. Apiary: Easy-to-Use Desktop Application Fault Containment on Commodity Operating Systems , 2010, USENIX Annual Technical Conference.
[26] Calton Pu,et al. SubDomain: Parsimonious Server Security , 2000, LISA.
[27] H. Bernard,et al. Techniques to Identify Themes , 2003 .
[28] Niels Provos,et al. Improving Host Security with System Call Policies , 2003, USENIX Security Symposium.
[29] Andrew Berman,et al. TRON: Process-Specific File Protection for the UNIX Operating System , 1995, USENIX.
[30] Clare-Marie Karat,et al. Optimizing a policy authoring framework for security and privacy policies , 2010, SOUPS.
[31] J. B. Brooke,et al. SUS: A 'Quick and Dirty' Usability Scale , 1996 .
[32] Jean Hitchings,et al. Deficiencies of the traditional approach to information security and the requirements for a new methodology , 1995, Comput. Secur..