« When the cure is the problem | Main | You Gotta Iterate: Threat Models Apply to Security Features Too »

Comments

Robert Stratton

This is right on the mark. The past 2 decades produced no dearth of robust security technologies with abysmal human factors problems.

Mandatory access controls are not, in and of themselves, bad things in systems, but I have yet to see a system deploying them that appears to have had any significant investment in human interface design. For any of us to wonder why deployment has been lackluster is at best naïve and at worst disingenuous.

Rob Lewis

@Robert Stratton

You have hit the nail on the head regarding the lack of human interface design being a barrier to practical implementation of mac/mls. The "abysmal human factors problems" is reflected in the disconnect between business operational rules and IT security policies.

We provide an authorization engine with the ability to define and map relationships between users, groups, files, directories, networks and systems. This fundamental design is necessary to provide security settings in human terms. There are other things required to enable manageability since usability is fundamental to delivering strong security, such as a natural language security specification, use of open standards for interoperability, utilities, tools, application interfaces, and integration capabilities, protection profile templates, security visualization library and tools that will eventually provide touch screen interfaces etc..

Ironically, our abysmal human factors problem has simply been trying to convince the security community that we can actually do this, (in the absence of marketing dollars).

FYI Gunnar,

We can provide anywhere from full to none, or anywhere in between as far as root access goes. We can grant some root privileges to regular users, or remove some root privileges from root users, as well as set limits or boundaries as to how many times they may be used, when, how, etc.. Have a use for this?

The comments to this entry are closed.