{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,3,26]],"date-time":"2025-03-26T04:13:07Z","timestamp":1742962387436,"version":"3.40.3"},"publisher-location":"Cham","reference-count":33,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030939557"},{"type":"electronic","value":"9783030939564"}],"license":[{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2022,1,1]],"date-time":"2022-01-01T00:00:00Z","timestamp":1640995200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2022]]},"DOI":"10.1007\/978-3-030-93956-4_5","type":"book-chapter","created":{"date-parts":[[2022,1,12]],"date-time":"2022-01-12T08:03:00Z","timestamp":1641974580000},"page":"68-86","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["Granularity and\u00a0Usability in\u00a0Authorization Policies"],"prefix":"10.1007","author":[{"given":"Boyun","family":"Zhang","sequence":"first","affiliation":[]},{"given":"Puneet","family":"Gill","sequence":"additional","affiliation":[]},{"given":"Nelu","family":"Mihai","sequence":"additional","affiliation":[]},{"given":"Mahesh","family":"Tripunitara","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2022,1,12]]},"reference":[{"key":"5_CR1","unstructured":"Amazon Web Services (AWS): Serverless shopping cart microservice, January 2021.https:\/\/github.com\/aws-samples\/aws-serverless-shopping-cart"},{"key":"5_CR2","unstructured":"Amazon Web Services (AWS): Actions, resources, and condition keys for amazon elastic transcoder. https:\/\/docs.aws.amazon.com\/service-authorization\/latest\/reference\/list_amazonelastictranscoder.html. Accessed 31 Jan 2021"},{"key":"5_CR3","unstructured":"Amazon Web Services (AWS): Amazon dynamodb, https:\/\/aws.amazon.com\/dynamodb\/. Accessed 31 Jan 2021"},{"key":"5_CR4","unstructured":"Amazon Web Services (AWS): Amazon elastic transcoder. https:\/\/aws.amazon.com\/elastictranscoder\/. Accessed 31 Jan 2021"},{"key":"5_CR5","unstructured":"Amazon Web Services (AWS): Amazon resource names (ARMS). https:\/\/docs.aws.amazon.com\/general\/latest\/gr\/aws-arns-and-namespaces.html. Accessed 31 Jan 2021"},{"key":"5_CR6","unstructured":"Amazon Web Services (AWS): Amazon simple queue service. https:\/\/aws.amazon.com\/sqs\/. Accessed 31 Jan 2021"},{"key":"5_CR7","unstructured":"Amazon Web Services (AWS): Amazon web services (AWS) - cloud computing services. https:\/\/aws.amazon.com. Accessed 31 Jan 2021"},{"key":"5_CR8","unstructured":"Amazon Web Services (AWS): Aws identity and access management \u2013 user guide \u2013 access management \u2013 policies and permissions in IAM. https:\/\/docs.aws.amazon.com\/IAM\/latest\/UserGuide\/access_policies.html. Accessed 31 Jan 2021"},{"key":"5_CR9","doi-asserted-by":"crossref","unstructured":"Bauer, L., Cranor, L.F., Reeder, R.W., Reiter, M.K., Vaniea, K.: A user study of policy creation in a flexible access-control system. In: Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, CHI 2008, pp. 543\u2013552. ACM, New York (2008)","DOI":"10.1145\/1357054.1357143"},{"key":"5_CR10","doi-asserted-by":"crossref","unstructured":"Beznosov, K., Inglesant, P., Lobo, J., Reeder, R., Zurko, M.E.: Usability meets access control: challenges and research opportunities. In: Proceedings of the Symposium on Access Control Models and Technologies, SACMAT 2009, pp. 73\u201374. ACM, New York (2009)","DOI":"10.1145\/1542207.1542220"},{"key":"5_CR11","unstructured":"Bishop, M.: Introduction to Computer Security, 1st edn. Addison-Wesley, Boston (2004)"},{"key":"5_CR12","unstructured":"Both, D.: An introduction to linux\u2019s ext4 filesystem. opensource.com, May 2017. https:\/\/opensource.com\/article\/17\/5\/introduction-ext4-filesystem"},{"key":"5_CR13","doi-asserted-by":"crossref","unstructured":"Brostoff, S., Sasse, M.A., Chadwick, D., Cunningham, J., Mbanaso, U., Otenko, S.: \u2018R-what?\u2019 development of a role-based access control policy-writing tool for e-scientists. Softw. Pract. Exp. 35(9), 835\u2013856 (2005)","DOI":"10.1002\/spe.691"},{"key":"5_CR14","unstructured":"Google Developers: Android API reference \u2013 android platform \u2013 manifest.permission, https:\/\/developer.android.com\/reference\/android\/Manifest.permission. Accessed 31 Jan 2021"},{"issue":"5","key":"5_CR15","doi-asserted-by":"publisher","first-page":"1189","DOI":"10.1016\/j.mcm.2013.02.006","volume":"58","author":"S Gusmeroli","year":"2013","unstructured":"Gusmeroli, S., Piccione, S., Rotondi, D.: A capability-based security approach to manage access control in the internet of things. Math. Comput. Model. 58(5), 1189\u20131205 (2013)","journal-title":"Math. Comput. Model."},{"key":"5_CR16","doi-asserted-by":"crossref","unstructured":"Inglesant, P., Sasse, A.M., Chadwick, D., Shi, L.L.: Expressions of expertness: the virtuous circle of natural language for access control policy specification. In: Proceedings of the Symposium on Usable Privacy and Security, SOUPS 2008, ACM, New York (2008)","DOI":"10.1145\/1408664.1408675"},{"key":"5_CR17","doi-asserted-by":"crossref","unstructured":"Krishnan, V., Tripunitara, M.V., Chik, K., Bergstrom, T.: Relating declarative semantics and usability in access control. In: Proceedings of the Eighth Symposium on Usable Privacy and Security. SOUPS 2012, ACM, New York (2012)","DOI":"10.1145\/2335356.2335375"},{"key":"5_CR18","unstructured":"Lipford, H.R., Besmer, A., Watson, J.: Understanding privacy settings in facebook with an audience view. In: Proceedings of the 1st Conference on Usability, Psychology, and Security. UPSEC2008, USENIX Association (2008)"},{"key":"5_CR19","doi-asserted-by":"crossref","unstructured":"Maxion, R.A., Reeder, R.W.: Improving user-interface dependability through mitigation of human error. Int. J. Hum.-Comput. Stud. 63(1), 25\u201350 (2005)","DOI":"10.1016\/j.ijhcs.2005.04.009"},{"key":"5_CR20","doi-asserted-by":"crossref","unstructured":"Mazurek, M.L., et al.: Access control for home data sharing: attitudes, needs and practices. In: Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, pp. 645\u2013654. ACM, New York (2010)","DOI":"10.1145\/1753326.1753421"},{"key":"5_CR21","unstructured":"McLeod, S.A.: Experimental design. Simply Psychology, January 2017. https:\/\/www.simplypsychology.org\/experimental-designs.html"},{"key":"5_CR22","unstructured":"Network Encyclopedia: NTFS permissions (windows NT). https:\/\/networkencyclopedia.com\/ntfs-permissions-windows-nt\/. Accessed 31 Jan 2021"},{"key":"5_CR23","unstructured":"Osborne, C.: The top 10 security challenges of serverless architectures. Zero Day, January 2017. https:\/\/www.zdnet.com\/article\/the-top-10-risks-for-apps-on-serverless-architectures\/"},{"key":"5_CR24","unstructured":"Paul, T., Puscher, D., Strufe, T.: Improving the usability of privacy settings in Facebook. arXiv e-prints arXiv:1109.6046, September 2011"},{"key":"5_CR25","first-page":"407","volume":"34","author":"M Pero-Cebollero","year":"2013","unstructured":"Pero-Cebollero, M., Guardia-Olmos, J.: The adequacy of different robust statistical tests in comparing two independent groups. Psicologica 34, 407\u2013424 (2013)","journal-title":"Psicologica"},{"key":"5_CR26","unstructured":"Ramesh Johari: MS & E 226: \u201cSmall\" Data, Lecture 13: The bootstrap (v3). September 2020.http:\/\/web.stanford.edu\/~rjohari\/teaching\/notes\/226_lecture13_inference.pdf"},{"key":"5_CR27","doi-asserted-by":"crossref","unstructured":"Reeder, R.W., Maxion, R.A.: User interface dependability through goal-error prevention. In: 2005 International Conference on Dependable Systems and Networks (DSN 2005), pp. 60\u201369 (2005)","DOI":"10.1109\/DSN.2005.95"},{"key":"5_CR28","doi-asserted-by":"crossref","unstructured":"Reeder, R.W., Maxion, R.A.: User interface defect detection by hesitation analysis. In: International Conference on Dependable Systems and Networks (DSN 2006), pp. 61\u201372 (2006)","DOI":"10.1109\/DSN.2006.71"},{"key":"5_CR29","doi-asserted-by":"crossref","unstructured":"Reeder, R.W., Bauer, L., Cranor, L.F., Reiter, M.K., Vaniea, K.: More than skin deep: measuring effects of the underlying model on access-control system usability. In: Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, CHI 2011, pp. 2065\u20132074. ACM, New York (2011)","DOI":"10.1145\/1978942.1979243"},{"key":"5_CR30","doi-asserted-by":"crossref","unstructured":"Reeder, R.W., et al.:Expandable grids for visualizing and authoring computer security policies. In: Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, CHI 2008, pp. 1473\u20131482. ACM, New York (2008)","DOI":"10.1145\/1357054.1357285"},{"key":"5_CR31","doi-asserted-by":"publisher","first-page":"365","DOI":"10.1145\/361011.361061","volume":"17","author":"DM Ritchie","year":"1974","unstructured":"Ritchie, D.M., Thompson, K.: The Unix time sharing system. Commun. ACM 17, 365\u2013375 (1974)","journal-title":"Commun. ACM"},{"key":"5_CR32","unstructured":"Smith, J., Nguyen Quang Do, L., Murphy-Hill, E.: Why can\u2019t johnny fix vulnerabilities: a usability evaluation of static analysis tools for security. In: Proceedings of the Symposium on Usable Privacy and Security. SOUPS2020, Usenix, Aug 2020"},{"key":"5_CR33","unstructured":"Chen,Y.-C.: STAT\/Q SCI 403: introduction to resampling methods, Lecture 5: Bootstrap, April 2017. http:\/\/faculty.washington.edu\/yenchic\/17Sp_403\/Lec5-bootstrap.pdf,"}],"container-title":["Communications in Computer and Information Science","Emerging Information Security and Applications"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-93956-4_5","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2024,9,16]],"date-time":"2024-09-16T03:46:15Z","timestamp":1726458375000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-030-93956-4_5"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022]]},"ISBN":["9783030939557","9783030939564"],"references-count":33,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-93956-4_5","relation":{},"ISSN":["1865-0929","1865-0937"],"issn-type":[{"type":"print","value":"1865-0929"},{"type":"electronic","value":"1865-0937"}],"subject":[],"published":{"date-parts":[[2022]]},"assertion":[{"value":"12 January 2022","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"EISA","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Symposium on Emerging Information Security and Applications","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Copenhagen","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Denmark","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2021","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"12 November 2021","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"13 November 2021","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"eisa2021","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/eisa.compute.dtu.dk\/2021\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Single-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"EasyChair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"36","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"10","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"1","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"28% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"4","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"Due to the COVID-19 pandemic the conference was held online.","order":10,"name":"additional_info_on_review_process","label":"Additional Info on Review Process","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}