[cap-talk] Drag & "Attenuated" Drop?

Karp, Alan H alan.karp at hp.com
Fri Sep 4 14:58:06 PDT 2009


Raoul Duke wrote:
> 
> I fear most users will not understand the full implications of
> their designations.
>
In putting together a paper on SCoopFS, we identified four principles for building UIs that don't take people out of the task workflow to make security decisions.  These principles assume we're using capabilities because that's the only access control method that supports the sharing properties people expect. 

1. Every separately controllable object must be represented by a capability that is uniquely distinguishable to the user.

The file explorer view, such as the one in CapDesk, takes care of this one.

2. Every possible policy decision on an object must appear as a unique affordance in the user interface.

I believe this is the one you're worried about.  Using a unique affordance for each option, such as a menu item, should help the user by showing the alternatives.  This one was easy in SCoopFS because we had full control over the user experience.  In what's being talked about here the goal is to come as close as possible to an existing user experience.  One thought would be to have a menu pop up when the dragged item hovers over a drop target, listing the sharing options appropriate for that target.  For example, the menu might show only Read options for Adobe Reader.

3. Every policy decision the user has made must be represented by a capability that is uniquely distinguishable to the user.

I believe this one is the main thing we did differently in SCoopFS.  I envision a menu item in the application listing the rights it has been granted.  It would be nice if that info was also available from a representation of the process, such as the task manager.

4. Every possible change to a previously made policy decision must appear as a unique affordance in the user interface.

That menu I mentioned in the previous step can have a Revoke All as well as a revoke option for each individual right.

________________________
Alan Karp
Principal Scientist
Virus Safe Computing Initiative
Hewlett-Packard Laboratories
1501 Page Mill Road
Palo Alto, CA 94304
(650) 857-3967, fax (650) 857-7029
http://www.hpl.hp.com/personal/Alan_Karp
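
A sketch of principles 2 through 4 from the message above, added here as an illustration and not taken from SCoopFS, CapDesk or the poster. It models a drop as a grant of one attenuated, revocable right; every name in it (`makeGrantLedger`, `offer`, `drop`, `listGrants`, `revoke`, `revokeAll`, `makeFile`) and the `read`/`write` right names are assumptions.

```javascript
// Added illustration. All names (makeGrantLedger, offer, drop, ...) are hypothetical.
function makeGrantLedger() {
  const grants = new Map(); // grant id -> { app, name, right, revoke }
  let nextId = 1;

  // Principle 2: the hover menu lists only rights the user holds
  // and the drop target can use (e.g. only "read" for a viewer).
  const offer = (held, targetAccepts) =>
    held.rights.filter((r) => targetAccepts.includes(r));

  // A drop hands the app a revocable forwarder exposing one right only.
  function drop(held, app, right) {
    if (!held.rights.includes(right)) throw new Error("right not held");
    let target = held.object;
    const facet = Object.freeze({
      [right]: (...args) => {
        if (target === null) throw new Error("revoked");
        return target[right](...args);
      },
    });
    const id = nextId++;
    grants.set(id, { app, name: held.name, right, revoke: () => { target = null; } });
    return { id, facet };
  }

  // Principle 3: every decision made is listed per application.
  const listGrants = (app) =>
    [...grants]
      .filter(([, g]) => g.app === app)
      .map(([id, g]) => ({ id, name: g.name, right: g.right }));

  // Principle 4: each grant can be undone individually or all at once.
  function revoke(id) {
    const g = grants.get(id);
    if (!g) return false;
    g.revoke();
    return grants.delete(id);
  }
  const revokeAll = (app) => listGrants(app).filter((g) => revoke(g.id)).length;

  return { offer, drop, listGrants, revoke, revokeAll };
}

// Constructed sample object standing in for a file.
function makeFile(text) {
  return { read: () => text, write: (t) => { text = t; } };
}
```

The application only ever holds the frozen facet, so revoking a grant cuts off access without touching the underlying object or any other grant.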



