Access Control Realities As Observed in a Clinical Medical Setting. Sinclair, S. & Smith, S., W. Technical Report Dartmouth College, Computer Science, 1, 2012.
![Access Control Realities As Observed in a Clinical Medical Setting [pdf]](https://bibbase.org/img/filetypes/pdf.svg "pdf")
Website abstract bibtex
Website abstract bibtex Effective computer security requires looking not just at technology, but also at how it meshes with users in the real-world enterprises depending on it. As part of a longer-term series of projects, we have been looking at these issues---- particularly access control---- in a variety of real-world enterprises. In previous work, we looked at companies in the finance and software industries; this paper reports on a study of a hospital's access control systems. Both studies employ ethnographic methods to elicit observations on the failures of current access control technologies in large, dynamic organizations; participants in the corporate study were largely drawn from IT staff members, whereas this clinical study involved a larger number of end users.
@techreport{
title = {Access Control Realities As Observed in a Clinical Medical Setting},
type = {techreport},
year = {2012},
keywords = {access-control,clinical,study},
issue = {TR2012-714},
websites = {http://www.cs.dartmouth.edu/cms_file/SYS_techReport/582/TR2012-714.pdf},
month = {1},
city = {Hanover, NH},
institution = {Dartmouth College, Computer Science},
id = {4d39a85b-de43-324c-95c2-e67faaf26ef7},
created = {2018-07-12T21:30:52.947Z},
file_attached = {false},
profile_id = {f954d000-ce94-3da6-bd26-b983145a920f},
group_id = {b0b145a3-980e-3ad7-a16f-c93918c606ed},
last_modified = {2018-07-12T21:30:52.947Z},
read = {false},
starred = {false},
authored = {false},
confirmed = {true},
hidden = {false},
citation_key = {sinclair:realities12},
source_type = {techreport},
notes = {Has some interesting real life anecdotes about problems with security in real world. Scout talks about some of her experiences when observing staff at a hospital, mainly dealing with the difficulties users face with their access-control system. Many interesting scenarios addressing important security questions. For example, how users circumvent the system, why they (usually) do it, what factors govern their choice of laptop for a task (when presented with x number of laptops to choose from), how the proximity authentication system failed because users do not necessarily follow the modeled usage (i.e., user comes near the system, uses it, and leave when done; in real life users use the computer, do non-computer task and then come back to finish the task on the computer), scenarios in which proximity won't work (e.g., when doctors are on a round), delegation of permissions should be easily and convenient.},
private_publication = {false},
abstract = {Effective computer security requires looking not just at technology, but also at how it meshes with users in the real-world enterprises depending on it. As part of a longer-term series of projects, we have been looking at these issues---- particularly access control---- in a variety of real-world enterprises. In previous work, we looked at companies in the finance and software industries; this paper reports on a study of a hospital's access control systems. Both studies employ ethnographic methods to elicit observations on the failures of current access control technologies in large, dynamic organizations; participants in the corporate study were largely drawn from IT staff members, whereas this clinical study involved a larger number of end users.},
bibtype = {techreport},
author = {Sinclair, Sara and Smith, Sean W}
}Downloads: 0
{"_id":"JozD2teem4Qwrskab","bibbaseid":"sinclair-smith-accesscontrolrealitiesasobservedinaclinicalmedicalsetting-2012","downloads":0,"creationDate":"2019-02-15T15:14:57.532Z","title":"Access Control Realities As Observed in a Clinical Medical Setting","author_short":["Sinclair, S.","Smith, S., W."],"year":2012,"bibtype":"techreport","biburl":null,"bibdata":{"title":"Access Control Realities As Observed in a Clinical Medical Setting","type":"techreport","year":"2012","keywords":"access-control,clinical,study","issue":"TR2012-714","websites":"http://www.cs.dartmouth.edu/cms_file/SYS_techReport/582/TR2012-714.pdf","month":"1","city":"Hanover, NH","institution":"Dartmouth College, Computer Science","id":"4d39a85b-de43-324c-95c2-e67faaf26ef7","created":"2018-07-12T21:30:52.947Z","file_attached":false,"profile_id":"f954d000-ce94-3da6-bd26-b983145a920f","group_id":"b0b145a3-980e-3ad7-a16f-c93918c606ed","last_modified":"2018-07-12T21:30:52.947Z","read":false,"starred":false,"authored":false,"confirmed":"true","hidden":false,"citation_key":"sinclair:realities12","source_type":"techreport","notes":"Has some interesting real life anecdotes about problems with security in real world. Scout talks about some of her experiences when observing staff at a hospital, mainly dealing with the difficulties users face with their access-control system. Many interesting scenarios addressing important security questions. For example, how users circumvent the system, why they (usually) do it, what factors govern their choice of laptop for a task (when presented with x number of laptops to choose from), how the proximity authentication system failed because users do not necessarily follow the modeled usage (i.e., user comes near the system, uses it, and leave when done; in real life users use the computer, do non-computer task and then come back to finish the task on the computer), scenarios in which proximity won't work (e.g., when doctors are on a round), delegation of permissions should be easily and convenient.","private_publication":false,"abstract":"Effective computer security requires looking not just at technology, but also at how it meshes with users in the real-world enterprises depending on it. As part of a longer-term series of projects, we have been looking at these issues---- particularly access control---- in a variety of real-world enterprises. In previous work, we looked at companies in the finance and software industries; this paper reports on a study of a hospital's access control systems. Both studies employ ethnographic methods to elicit observations on the failures of current access control technologies in large, dynamic organizations; participants in the corporate study were largely drawn from IT staff members, whereas this clinical study involved a larger number of end users.","bibtype":"techreport","author":"Sinclair, Sara and Smith, Sean W","bibtex":"@techreport{\n title = {Access Control Realities As Observed in a Clinical Medical Setting},\n type = {techreport},\n year = {2012},\n keywords = {access-control,clinical,study},\n issue = {TR2012-714},\n websites = {http://www.cs.dartmouth.edu/cms_file/SYS_techReport/582/TR2012-714.pdf},\n month = {1},\n city = {Hanover, NH},\n institution = {Dartmouth College, Computer Science},\n id = {4d39a85b-de43-324c-95c2-e67faaf26ef7},\n created = {2018-07-12T21:30:52.947Z},\n file_attached = {false},\n profile_id = {f954d000-ce94-3da6-bd26-b983145a920f},\n group_id = {b0b145a3-980e-3ad7-a16f-c93918c606ed},\n last_modified = {2018-07-12T21:30:52.947Z},\n read = {false},\n starred = {false},\n authored = {false},\n confirmed = {true},\n hidden = {false},\n citation_key = {sinclair:realities12},\n source_type = {techreport},\n notes = {Has some interesting real life anecdotes about problems with security in real world. Scout talks about some of her experiences when observing staff at a hospital, mainly dealing with the difficulties users face with their access-control system. Many interesting scenarios addressing important security questions. For example, how users circumvent the system, why they (usually) do it, what factors govern their choice of laptop for a task (when presented with x number of laptops to choose from), how the proximity authentication system failed because users do not necessarily follow the modeled usage (i.e., user comes near the system, uses it, and leave when done; in real life users use the computer, do non-computer task and then come back to finish the task on the computer), scenarios in which proximity won't work (e.g., when doctors are on a round), delegation of permissions should be easily and convenient.},\n private_publication = {false},\n abstract = {Effective computer security requires looking not just at technology, but also at how it meshes with users in the real-world enterprises depending on it. As part of a longer-term series of projects, we have been looking at these issues---- particularly access control---- in a variety of real-world enterprises. In previous work, we looked at companies in the finance and software industries; this paper reports on a study of a hospital's access control systems. Both studies employ ethnographic methods to elicit observations on the failures of current access control technologies in large, dynamic organizations; participants in the corporate study were largely drawn from IT staff members, whereas this clinical study involved a larger number of end users.},\n bibtype = {techreport},\n author = {Sinclair, Sara and Smith, Sean W}\n}","author_short":["Sinclair, S.","Smith, S., W."],"urls":{"Website":"http://www.cs.dartmouth.edu/cms_file/SYS_techReport/582/TR2012-714.pdf"},"bibbaseid":"sinclair-smith-accesscontrolrealitiesasobservedinaclinicalmedicalsetting-2012","role":"author","keyword":["access-control","clinical","study"],"downloads":0},"search_terms":["access","control","realities","observed","clinical","medical","setting","sinclair","smith"],"keywords":["access-control","clinical","study"],"authorIDs":[]}