VisABAC: A Tool for Visualising ABAC Policies

Charles Morisset, David Sanchez

Abstract

Authoring and editing access control policy can be a complex and cognitive demanding task, especially when dealing with a large number of rules and attributes. Visualisation techniques are known to be helpful to users analysing intricate data, and can, in some contexts, help decreasing the cognitive load. In this paper, we propose a new tool, VisABAC, which enables the visualisation of attribute based access control policies using the Circle Packing method. We used a participatory design, following a survey of existing visualisation methods in access control. VisABAC is designed as a web-page component, developed in Javascript using the D3.js library, and as such is easily usable without requiring any particular setup. In addition to presenting VisABAC, we demonstrate its usability by conducting a controlled experiment with 32 participants, asking them to change some attribute values in order to obtain a given decision for a policy, and measuring the time taken by participants to conduct these tasks (the faster, the better). We show a small to medium effect size (d =0:44), thus indicating that VisABAC is a promising tool for authoring and editing access control policies.

References

Download


Paper Citation


in Harvard Style

Morisset C. and Sanchez D. (2018). VisABAC: A Tool for Visualising ABAC Policies.In Proceedings of the 4th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP, ISBN 978-989-758-282-0, pages 117-126. DOI: 10.5220/0006647401170126


in Bibtex Style

@conference{icissp18,
author={Charles Morisset and David Sanchez},
title={VisABAC: A Tool for Visualising ABAC Policies},
booktitle={Proceedings of the 4th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,},
year={2018},
pages={117-126},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0006647401170126},
isbn={978-989-758-282-0},
}


in EndNote Style

TY - CONF

JO - Proceedings of the 4th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,
TI - VisABAC: A Tool for Visualising ABAC Policies
SN - 978-989-758-282-0
AU - Morisset C.
AU - Sanchez D.
PY - 2018
SP - 117
EP - 126
DO - 10.5220/0006647401170126