skip to main content
10.1145/1357054.1357086acmconferencesArticle/Chapter ViewAbstractPublication PageschiConference Proceedingsconference-collections
research-article

Access control by testing for shared knowledge

Published:06 April 2008Publication History

ABSTRACT

Controlling the privacy of online content is difficult and often confusing. We present a social access control where users devise simple questions testing shared knowledge instead of constructing authenticated accounts and explicit access control rules. We implemented a prototype and conducted studies to explore the context of photo sharing security, gauge the difficulty of creating shared knowledge questions, measure their resilience to adversarial attack, and evaluate user ability to understand and predict this resilience.

References

  1. Cao, X. and Iverson, L. (2006). Intentional Access Management: Making Access Control Usable for End-Users. Proceedings of the Symposium on Usable Privacy and Security, (SOUPS 2006) 20--31. Google ScholarGoogle ScholarDigital LibraryDigital Library
  2. Lederer, S., Jason Hong., Dey, A.K., and Landay, J. (2004). Personal Privacy through Understanding and Action: Five Pitfalls for Designers. Personal and Ubiquitous Computing. 8(6), 440--454. Google ScholarGoogle ScholarCross RefCross Ref
  3. Pering, T., Sundar, M., Light, J. and Want, R. (2003). Photographic Authentication through Untrusted Terminals. IEEE Pervasive Computing, 2(1), 30--36. Google ScholarGoogle ScholarDigital LibraryDigital Library
  4. Tajfel H, Billig M G, Bundy R P & Flament C. (1971). Social Categorization and Intergroup Behaviour. European Journal of Social Psychology 1(2), 149--177.sGoogle ScholarGoogle ScholarCross RefCross Ref
  5. Zviran, M., Haga, W.J. (1990). User Authentication by Cognitive Passwords: An Empirical Assessment. Jerusalem Conference on Information Technology, 137--144. Google ScholarGoogle ScholarDigital LibraryDigital Library

Index Terms

  1. Access control by testing for shared knowledge

      Recommendations

      Comments

      Login options

      Check if you have access through your login credentials or your institution to get full access on this article.

      Sign in
      • Published in

        cover image ACM Conferences
        CHI '08: Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
        April 2008
        1870 pages
        ISBN:9781605580111
        DOI:10.1145/1357054

        Copyright © 2008 ACM

        Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

        Publisher

        Association for Computing Machinery

        New York, NY, United States

        Publication History

        • Published: 6 April 2008

        Permissions

        Request permissions about this article.

        Request Permissions

        Check for updates

        Qualifiers

        • research-article

        Acceptance Rates

        CHI '08 Paper Acceptance Rate157of714submissions,22%Overall Acceptance Rate6,199of26,314submissions,24%

        Upcoming Conference

        CHI '24
        CHI Conference on Human Factors in Computing Systems
        May 11 - 16, 2024
        Honolulu , HI , USA

      PDF Format

      View or Download as a PDF file.

      PDF

      eReader

      View online with eReader.

      eReader