Access Control Policy Analysis and Visualization Tools for Security Professionals

Kami Vaniea, Qun Ni, Lorrie Cranor, Elisa Bertino

Research output: Chapter in Book/Report/Conference proceedingConference contribution


Managing large sets of access-control rules is a complex task for security administrators. Each addition, deletion or modification of a rule causes many potential and unknown side effects ranging from rule conflicts to security breaches. Security researchers have attempted to alleviate this problem by proposing algorithms and tools which analyze lists of rules and provide administrators with the information that they need to better manage their rules. Unfortunately few of these analysis tools connect a policy problem to the source of the problem clearly. In this work we discuss an interface that visualizes the output of policy analysis and the source of the output in terms of rule lists and shows administrators the effect of their changes.
Original languageEnglish
Title of host publicationProceedings of Workshop on Usable IT Security Management (USM '08)
Publication statusPublished - Jul 2008
EventWorkshop on Usable IT Security Management - Pittsburgh, PA, United States
Duration: 23 Jul 200825 Jul 2008


WorkshopWorkshop on Usable IT Security Management
Country/TerritoryUnited States
CityPittsburgh, PA


  • Access Control
  • Usability
  • Visualization
  • Policy Analysis


Dive into the research topics of 'Access Control Policy Analysis and Visualization Tools for Security Professionals'. Together they form a unique fingerprint.

Cite this