Browse by author
Lookup NU author(s): Dr Charles Morisset
Full text for this publication is not currently held within this repository. Alternative links are provided below where available.
Copyright © 2018 by SCITEPRESS – Science and Technology Publications, Lda. All rights reserved. Authoring and editing access control policy can be a complex and cognitive demanding task, especially when dealing with a large number of rules and attributes. Visualisation techniques are known to be helpful to users analysing intricate data, and can, in some contexts, help decreasing the cognitive load. In this paper, we propose a new tool, VisABAC, which enables the visualisation of attribute based access control policies using the Circle Packing method. We used a participatory design, following a survey of existing visualisation methods in access control. VisABAC is designed as a web-page component, developed in Javascript using the D3.js library, and as such is easily usable without requiring any particular setup. In addition to presenting VisABAC, we demonstrate its usability by conducting a controlled experiment with 32 participants, asking them to change some attribute values in order to obtain a given decision for a policy, and measuring the time taken by participants to conduct these tasks (the faster, the better). We show a small to medium effect size (d = 0.44), thus indicating that VisABAC is a promising tool for authoring and editing access control policies.
Author(s): Morisset C, Sanchez D
Publication type: Conference Proceedings (inc. Abstract)
Publication status: Published
Conference Name: ICISSP 2018 - 4th International Conference on Information Systems Security and Privacy
Year of Conference: 2018
Pages: 117-126
Acceptance date: 22/01/2018
Publisher: SciTePress
Library holdings: Search Newcastle University Library for this item
ISBN: 9789897582820
