Help me keep data out of the wrong hands
January 17, 2008 4:35 AM

What are some good resources for designing an access control and permissions system?

It has fallen to me to build an access control system from the ground up for my company, now that we have outgrown our previous system. I have a lot of experience with access control systems, but I have never designed one, and I want to make sure I am not missing something important as I go forward.
posted by Nothing to Computers & Internet (1 answer total)
Best answer: Several tips here. First I'd suggest getting the book Security and Usability.

Lorrie Cranor (one of the co-authors of the above book) and I have also taught a course on Usable Privacy and Security; the slides are all online.

I'd also recommend this paper by one of our PhD students, Rob Reeder, looking at the Windows XP access control user interface (and why it's broken). Reeder, R.W. and Maxion, R.A. User Interface Dependability through Goal-Error Prevention. Presented at International Conference on Dependable Systems and Networks (DSN'05) (Yokohama, Japan, June 28 - July 1, 2005). 2005.

You should also consider whether you want to have positive rules only (allow x, allow y), or negative rules only (do not allow x, do not allow y). A mix of the two can allow possible conflicts to occur.

There are also issues of mandatory access control (typically centrally controlled) vs discretionary (where end-users can also specify policies); role-based access control (do a Google search on RBAC); and optimistic vs pessimistic access control. For this last issue, it's basically do you think that people accessing the system are generally trustworthy and you only need to detect and then fix abuses after the case (optimistic), or do you need to prevent abuses and hence state rules up front (pessimistic).
posted by jasonhong at 8:14 AM on January 17, 2008
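
The conflict between positive and negative rules mentioned in the answer above, as an added example that is not part of the original thread: a small evaluator that flags every request on which an allow rule and a deny rule both match. The rule format, the deny-overrides and default-deny choices, and the sample policy are assumptions made for illustration.

```python
from dataclasses import dataclass
from fnmatch import fnmatchcase

@dataclass(frozen=True)
class Rule:
    effect: str    # "allow" (positive rule) or "deny" (negative rule)
    subject: str   # role name or glob pattern
    action: str
    resource: str  # glob pattern over resource paths

    def matches(self, subject, action, resource):
        return (fnmatchcase(subject, self.subject)
                and self.action == action
                and fnmatchcase(resource, self.resource))

def decide(rules, subject, action, resource):
    """Return (decision, conflict). Deny overrides allow; no match means deny."""
    effects = {r.effect for r in rules if r.matches(subject, action, resource)}
    conflict = effects == {"allow", "deny"}
    if "deny" in effects:
        return "deny", conflict
    if "allow" in effects:
        return "allow", conflict
    return "deny", False  # default deny: the "pessimistic" stance

def find_conflicts(rules, requests):
    """List the requests on which an allow rule and a deny rule both match."""
    return [req for req in requests if decide(rules, *req)[1]]

# Constructed sample policy: the finance exception looks valid on paper,
# but the broader deny rule silently overrides it.
RULES = [
    Rule("allow", "hr", "read", "/records/*"),
    Rule("deny", "*", "read", "/records/salary/*"),
    Rule("allow", "finance", "read", "/records/salary/*"),
]
# Constructed sample requests used to probe the policy.
REQUESTS = [
    ("hr", "read", "/records/leave/2008.csv"),
    ("hr", "read", "/records/salary/2008.csv"),
    ("finance", "read", "/records/salary/2008.csv"),
    ("intern", "read", "/records/leave/2008.csv"),
]

if __name__ == "__main__":
    for req in REQUESTS:
        print(req, decide(RULES, *req))
    print("conflicts:", find_conflicts(RULES, REQUESTS))
```

Running the conflict check over a set of representative requests whenever the policy changes surfaces rules that can never take effect, such as the finance exception here.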
