Special Issue Paper
Policy override in practice: model, evaluation, and decision support
Version of Record online: 16 MAY 2012
Copyright © 2012 John Wiley & Sons, Ltd.
Security and Communication Networks
Volume 7, Issue 1, pages 139–156, January 2014
How to Cite
Bartsch, S. (2014), Policy override in practice: model, evaluation, and decision support. Security Comm. Networks, 7: 139–156. doi: 10.1002/sec.547
- Issue online: 26 DEC 2013
- Version of Record online: 16 MAY 2012
- security usability;
- policy override;
- privilege escalation;
- decision support
The predominant strategy in restricting permissions in information systems is to limit users on the basis of the ‘need-to-know’ principle. Although appropriate in highly security-sensitive contexts, this culture of protection will, in other contexts, often reduce users' productivity and is seen as a hassle because the everyday exceptions to the routine tasks can be severely hindered. This paper proposes a more flexible authorization model, policy override, which allows end users to override authorization in a controlled manner. In this article, I describe the authorization model and its implementation in a medium enterprise's business application. I evaluated policy override use over a period of 1 year through quantitative and qualitative analysis to identify challenges and offer advice on the implementation of policy override in practice. One important challenge is the setting of adequate bounds for policy override. To overcome this obstacle, I propose and evaluate a qualitative risk-based calculus that offers decision support to balance additional risks of policy override with the benefits of more flexible authorization. Copyright © 2012 John Wiley & Sons, Ltd.