Title :
What´s Wrong with Access Control in the Real World?
Author :
Sinclair, Sara ; Smith, Sean W.
Author_Institution :
Dartmouth Coll., Dartmouth, NH, USA
Abstract :
This article enumerates some simplifying assumptions the security community has made in its effort to gain traction with the access control problem. For many environments, a dramatic and painful mismatch seems to exist between these simplifying assumptions and reality. The authors argue that effective security in these environments might therefore require rethinking these assumptions.
Keywords :
authorisation; access control; Access control; Business continuity; Decision making; Risk management; Security; access control; least privilege; policy; usable security.;
Journal_Title :
Security & Privacy, IEEE
DOI :
10.1109/MSP.2010.139
