Skip to main content
Article thumbnail
Location of Repository

Expressions of Expertness: The Virtuous Circle of Natural Language for Access Control Policy Specification

By Philip Inglesant, M. Angela Sasse, David W. Chadwick and Lei Lei Shi


The implementation of usable security is particularly challenging in the growing field of Grid computing, where control is decentralised, systems are heterogeneous, and authorization applies across administrative domains. PERMIS, based on the Role-Based Access Control (RBAC) model, provides a unified, scalable infrastructure to address these challenges. Previous research has found that resource owners generally do not understand the PERMIS RBAC model and consequently have difficulty expressing access control policies. We have addressed this issue by investigating the use of a controlled natural language parser for expressing these policies. In this paper, we describe our experiences in the design, implementation, and evaluation of this parser for the PERMIS Editor. We began by understanding the ways in which non-security specialists express their Grid access control needs, through interviews and focus groups with 45 resource owners. We found that the many areas of Grid computing use present varied security requirements; this suggests a minimal, open design. We designed and implemented a controlled natural language system to support these needs, which we evaluated with a cross-section of 17 target users. We found that the interface is highly usable for interaction: participants were not daunted by the text editor, and understood the syntax easily. However, some strict requirements of the controlled language were problematic. Using natural language helps overcome some conceptual mis-matches between PERMIS RBAC and older paradigms; however, there are still subtleties which are not always understood. In conclusion, the parser is not sufficient on its own, and should be seen in the interplay with other parts of the PERMIS Editor, so that, iteratively, users are helped to understand the underlying PERMIS model and to express their security policies more accurately and more completely

Topics: QA76
Year: 2008
OAI identifier:

Suggested articles


  1. (1999). A UserCentered, Modular Authorization Service Built on an RBAC Foundation. In: doi
  2. (2006). An Empirical Study of Natural Language Parsing of Privacy Policy Rules Using the SPARCLE Policy Workbench. In: doi
  3. (2007). CLOnE: Controlled Language for Ontology Editing. In: doi
  4. (1999). Computer Security. doi
  5. Constructing Grounded Theory: A Practical Guide Through Qualitative Analysis. doi
  6. (1996). Controlled Language for Knowledge Representation. In:
  7. (2004). End-users' Mental Models of Concepts Critical to Web Application Development. In: doi
  8. (2006). Evaluating Interfaces for Privacy Policy Rule Authoring. In: doi
  9. (2007). Integrating security and usability into the requirements and design process. doi
  10. (2006). Intentional Access Management: Making Access Control Usable for End-Users. In: doi
  11. (2000). New paradigms - old paradigms? doi
  12. (1998). On "Technomethodology": Foundational Relationships between Ethnomethodology and System Design. doi
  13. (2008). PERMIS: a modular authorization infrastructure. Concurrency and Computation: Practice and Experience Forthcoming doi
  14. (2001). Privacy in Multimedia Communications : Protecting Users, not Just Data. In: People and Computers XV - Interaction without frontiers. doi
  15. (2005). R-what?" Development of a Role-Based Access Control (RBAC) Policy-Writing Tool for e-Scientists. Software - doi
  16. (2002). RBAC Policies in XML for X.509 Based Privilege Management. In: doi
  17. (1996). Role-Based Access Control Models. doi
  18. (2001). Studying the language and structure in non-programmers' solutions to programming problems. doi
  19. Ten Usability Heuristics doi
  20. (1975). The Protection of Information in Computer Systems. doi
  21. (2006). The Virtuous Circle of Expressing Authorisation Policies. In:
  22. (2002). User Interaction Design for Secure Systems. In: doi
  23. (1999). Users Are Not The Enemy. doi
  24. (1999). Why Johnny Can't Encrypt. In:
  25. (2001). Writing Information Security Policies. New Riders,

To submit an update or takedown request for this paper, please submit an Update/Correction/Removal Request.