Evaluating Usage Control Deterrents

Authors

  • KESHNEE PADAYACHEE
  • J.H.P. Eloff

DOI:

https://doi.org/10.18489/sacj.v48i1.62

Keywords:

Access Control, Usage Control, Deterrent Control

Abstract

This paper explores the effectiveness of usage control deterrents. Usage control enables finer-grained control over the usage of objects than do traditional access control models. Deterrent controls are intended to discourage individuals from intentionally violating information security policies or procedures. In this context, an adaptation of usage control is assessed as a proactive means of deterrence control to protect information that cannot be adequately or reasonably protected by access control. These deterrents are evaluated using the design science methodology. Parallel prototypes were developed with the aim of producing multiple alternatives, thereby shifting the focus from purely usability testing to model testing.

Downloads

Additional Files

Published

2012-06-26

Issue

Vol. 48 (2012)

Section

Research Papers (general)

License

Copyright of all work published here subsists in the authors. While SACJ retains right of first publication, subsequent re-publication is expressly permitted provided the original SACJ publication is acknowledged and cited, according to the terms detailed below. If plagiarism is detected during review, a paper may be summarily rejected and will not be accepted unless even minor infringements are corrected. Should plagiarism be detected after a paper is published, the Editor reserves the right to withdraw a paper from publication. We expect authors to be honest in representing work as their own, and to respect the time and effort our reviewers put in without an undue burden of policing plagiarism, and hence take violations seriously. SACJ applies the Creative Commons Attribution NonCommercial 4.0 License (CC BY-NC 4.0) to all papers published in this journal. Authors who publish with SACJ agree to the following:
  1. Authors retain copyright and grant SACJ right of first publication. The work is additionally licensed under a Creative Commons Attribution Non-Commercial License that requires others who share the work to acknowledge the work’s authorship and initial publication in SACJ. Should anyone else wish to make commercial use of the work, SACJ cedes the right to the author to negotiate terms and does not expect to be paid any royalties.
  2. Authors may enter into additional arrangements for non-exclusive distribution of the SACJ-published version of the work (e.g., post it to a repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
  3. Authors are required to refrain from posting their work online prior to completion of reviews so as not to compromise double-blind reviewing or confuse plagiarism checks.