2006 | OriginalPaper | Buchkapitel
A Usability Study of Security Policy Management
verfasst von : Almut Herzog, Nahid Shahmehri
Erschienen in: Security and Privacy in Dynamic Environments
Verlag: Springer US
Aktivieren Sie unsere intelligente Suche, um passende Fachinhalte oder Patente zu finden.
Wählen Sie Textabschnitte aus um mit Künstlicher Intelligenz passenden Patente zu finden. powered by
Markieren Sie Textabschnitte, um KI-gestützt weitere passende Inhalte zu finden. powered by
Security policy management is a difficult and security-critical task. We have evaluated Java’s policytool with a usability study to see how well it can support users in setting up an appropriate security policy. The Java policytool is a graphical user interface tool integrated into Sun Microsystem Inc.’s Java 5.0 distribution for setting up security policies that can enable e.g. applets with more permissions than the default sandbox.
Results show that policytool is in line with other security tools, namely usability is poor. Policytool provides a certain degree of syntax help to novice users but it does not help with semantics, does not cater to expert users and actually does promote the accidental set-up of too lenient a policy. We show specific usability problems in policytool, comment on the differences in the policy files created by our study users, explore ways of solving the error-prone task of setting up a Java policy and relate this to the general subject of usability of security tools.