The Price of Belief: Insuring Credible Trust?
Today, the majority of distributed system users are not systems programmers, nor do they aspire to be. The problem with existing access control mechanisms is not that they don’t work, it is that users despise them and will not interact with them in the way the security model requires. We argue that this is not primarily a user-education issue; instead the user interface needs to be re-factored in a way that will involve a radical change to the way security is modelled.
- 3.Chuang, S., Wernick, P.: A credibility-based model of computer system security. In: Proceedings of New Security Paradigms 1996, Lake Arrowhead CA, 17–19 September 1996, pp. 53–58. ACM Press (1996)Google Scholar
- 4.Clarke, S., Christianson, B., Xiao, H.: Trust*: using local guarantees to extend the reach of trust. In: Christianson, B., Malcolm, J.A., Matyáš, V., Roe, M. (eds.) Security Protocols 2009. LNCS, vol. 7028, pp. 171–178. Springer, Heidelberg (2013). doi: 10.1007/978-3-642-36213-2_21 CrossRefGoogle Scholar
- 5.Maw, H.A., Xiao, H., Christianson, B., Malcolm, J.: An evaluation of break-the-glass access control model for medical data in wireless sensor networks. In: Proceedings of IEEE 16th International Conference on e-Health Networking, Applications and Services (Healthcom), 15–18 October 2014, Natal, United Kingdom, pp. 130–135. IEEE (2015). doi: 10.1109/HealthCom.2014.7001829
- 6.Osborne, H., Hartley, E.: Contactless payments mean card fraud now happens after cancellation. Guardian Money (2015). http://www.theguardian.com/money/2015/dec/19/contactless-payments-card-fraud-after-cancellation-bank-account. Accessed 22 Jan 2016