Relating Declarative Semantics and Usability in Access Control

Abstract

This thesis addresses the problem of usability in the context of administration of access control systems. We seek to relate the notion of declarative semantics, a recurring theme in research in access control, with usability. We adopt the concrete context of POSIX ACLs and the traditional interface for it that comprises two utilities getfacl and setfacl. POSIX ACLs are the de facto standard to which POSIX conformant systems such as Linux and OpenBSD adhere. The natural semantics of getfacl and setfacl is operational. By operational we mean that the semantics of these are speci ed procedurally. We have designed and implemented an alternate interface that we call askfacl whose natural semantics is declarative. Declarative semantics means "what you see is what it is." We also discuss our design of askfacl and articulate the following thesis that underlies our work: If the natural semantics of the interface for ACLs is declarative, then a user is able to more quickly, accurately and confidently, inspect and edit ACLs than if the semantics is operational. To validate our thesis we conducted a between participant human-subject usability study with 42 participants. The results of our study measurably demonstrate the goodness of declarative semantics in access control.