Effective Visualization of File System Access-Control

  • Alexander Heitzmann
  • Bernardo Palazzi
  • Charalampos Papamanthou
  • Roberto Tamassia
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5210)

Abstract

In this paper, we present a visual representation of access control permissions in a standard hierarchical file system. Our visualization of file permissions leverages treemaps, a popular graphical representation of hierarchical data. In particular, we present a visualization of access control for the NTFS file system that can help a non-expert user understand and manipulate file system permissions in a simple and effective way. While our examples are based on NTFS, our approach can be used for many other hierarchical file systems as well.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Bladh, T., Carr, D.A., Schol, J.: Extending tree-maps to three dimensions: A comparative study. In: Masoodian, M., Jones, S., Rogers, B. (eds.) APCHI 2004. LNCS, vol. 3101, pp. 50–59. Springer, Heidelberg (2004)Google Scholar
  2. 2.
    Bruls, M., Huizing, K., van Wijk, J.: Squarified treemaps. In: Proc. of Joint Eurographics and IEEE TCVG Symp. on Visualization (TCVG), pp. 33–42 (2000)Google Scholar
  3. 3.
    Cao, X., Iverson, L.: Intentional access management: making access control usable for end-users. In: Proc. of Int. Symposium on Usable Privacy and Security (SOUPS), pp. 20–31 (2006)Google Scholar
  4. 4.
    Foster, J., Subramanian, K., Herring, R., Ahn, G.: Interactive exploration of the AFS file system. In: Proc. of the IEEE Symposium on Information Visualization (INFOVIS), p. 215 (2004)Google Scholar
  5. 5.
    Jaeger, T., Tidswell, J.E.: Practical safety in flexible access control models. ACM Trans. Information Systems Security 4(2), 158–190 (2001)CrossRefGoogle Scholar
  6. 6.
    Johnson, B., Shneiderman, B.: Tree maps: A space-filling approach to the visualization of hierarchical information structures. In: Proc. IEEE Visualization, pp. 284–291 (1991)Google Scholar
  7. 7.
    Johnston, J.B.: The contour model of block structured processes. SIGPLAN Not. 6(2), 55–82 (1971)CrossRefGoogle Scholar
  8. 8.
    Montemayor, J., Freeman, A., Gersh, J., Llanso, T., Patrone, D.: Information visualization for rule-based resource access control. In: Proc. of Int. Symposium on Usable Privacy and Security (SOUPS) (2006)Google Scholar
  9. 9.
    Reeder, R., Bauer, L., Cranor, L., Reiter, M., Bacon, K., How, K., Strong, H.: Expandable grids for visualizing and authoring computer security policies. In: Proc. ACM Conf. on Human Factors in Computing Systems (CHI), pp. 1473–1482 (2008)Google Scholar
  10. 10.
    Rode, J., Johansson, C., DiGioia, P., Filho, R.S.S., Nies, K., Nguyen, D.H., Ren, J., Dourish, P., Redmiles, D.F.: Seeing further: extending visualization as a basis for usable security. In: SOUPS, pp. 145–155 (2006)Google Scholar
  11. 11.
    Russinovich, M.E., Solomon, D.A.: Microsoft Windows Internals, 4th edn. Microsoft Windows Server TM2003, Windows XP, and Windows 2000 (Pro-Developer). Microsoft Press, Redmond (2004)Google Scholar
  12. 12.
    Stasko, J.: An evaluation of space-filling information visualizations for depicting hierarchical structures. Int. J. Hum.-Comput. Stud. 53(5), 663–694 (2000)MATHCrossRefGoogle Scholar
  13. 13.
    Wilson, R.M., Bergeron, R.D.: Dynamic hierarchy specification and visualization. In: Proc. of the IEEE Symposium on Information Visualization (INFOVIS), p. 65 (1999)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2008

Authors and Affiliations

  • Alexander Heitzmann
    • 1
  • Bernardo Palazzi
    • 1
    • 2
    • 3
  • Charalampos Papamanthou
    • 1
  • Roberto Tamassia
    • 1
  1. 1.Department of Computer ScienceBrown UniversityProvidence, RIUSA
  2. 2.Roma TRE UniversityRomeItaly
  3. 3.ISCOM Italian Ministry of CommunicationsRomeItaly

Personalised recommendations