[EROS-Arch] Re: [E-Lang] Interaction Design for End-User Secu
rity
Karp, Alan
alan_karp@hp.com
Mon, 19 Mar 2001 08:35:15 -0800
MarkM wrote:
>
> I'd like to emphasize just how crucially important this work
> is, as well as
> how good it is. Security isn't very meaningful if humans
> can't be securely
> included. Prior to this work, the only serious works I know on user
> interface/interaction security are
>
> (snip)
I concur with what MarkM says about prior work. When putting together our
demo for e-speak in mid 1996, we realized that we needed a GUI for defining
security policies, so we went looking for one and came up dry. The only
thing we found was Microsoft's Internet Explorer Internet Options Security
policy window. In that, you set up zones and a security policy for each.
It's not really a very good match for capability systems. We ended up
writing our own, which in retrospect was even worse. Fortunately, it never
made it into the product.
_________________________
Alan Karp
Principal Scientist
Decision Technology Department
Hewlett-Packard Laboratories MS 1U-2
1501 Page Mill Road
Palo Alto, CA 94304
(650) 857-3967, fax (650) 857-6278
https://ecardfile.com/id/Alan_Karp
http://www.hpl.hp.com/personal/Alan_Karp/