Open Collections

UBC Theses and Dissertations

UBC Theses Logo
Featured Collection

UBC Theses and Dissertations

Towards supporting users in assessing the risk in privilege elevation Motiee, Sara

Abstract

To better protect users from security incidents, the principle of least privilege (PLP) requires that users and programs be granted the most restrictive set of privileges possible to perform the required tasks. The low-privileged user accounts (LUA) and privilege elevation prompts are two practical implementations of PLP in the main-stream operating systems. However, there is anecdotal evidence suggesting that users do not employ these implementations correctly. Our research goal was to understand users' challenges and behavior in using these mechanisms and improve them so that average users of personal computers can follow the PLP correctly. For this purpose, we conducted a user study and contextual interviews to investigate the understanding, behavior, and challenges users face when working with user accounts and the privilege elevation prompts (called User Account Control (UAC) prompts) in Windows Vista and 7. We found that 69% of participants did not use and respond correctly to UAC prompts. Also, all our 45 participants used an admin user account, and 91% were not aware of the benefits of low-privileged user accounts or the risks of high-privileged ones. Their knowledge and experience were limited to the restricted rights of low-privileged accounts. Based on our findings, we offered recommendations to improve the UAC and LUA approaches. Since our study showed that users can benefit from UAC prompts, we investigated the information content for such prompts so that users can assess the risk of privilege elevation more accurately and consequently respond to the prompts correctly. We considered thirteen different information items for including on these prompts mostly based on the results of our first study. Our user study with 48 participants showed that program name, origin, description, digital certification, changes the program applies and the result of program scan by anti-virus are the most understandable, useful and preferred items for users. To avoid habituation, decrease cognitive load on users and improve users' response to the prompts, we recommend to employ a context-based UAC prompt which presents a subset of information items to users based on the context. A set of guidelines is provided for selecting the appropriate items in different contexts.

Item Metadata

Title
Towards supporting users in assessing the risk in privilege elevation
Creator
Motiee, Sara
Publisher
University of British Columbia
Date Issued
2011
Description
To better protect users from security incidents, the principle of least privilege (PLP) requires that users and programs be granted the most restrictive set of privileges possible to perform the required tasks. The low-privileged user accounts (LUA) and privilege elevation prompts are two practical implementations of PLP in the main-stream operating systems. However, there is anecdotal evidence suggesting that users do not employ these implementations correctly. Our research goal was to understand users' challenges and behavior in using these mechanisms and improve them so that average users of personal computers can follow the PLP correctly. For this purpose, we conducted a user study and contextual interviews to investigate the understanding, behavior, and challenges users face when working with user accounts and the privilege elevation prompts (called User Account Control (UAC) prompts) in Windows Vista and 7. We found that 69% of participants did not use and respond correctly to UAC prompts. Also, all our 45 participants used an admin user account, and 91% were not aware of the benefits of low-privileged user accounts or the risks of high-privileged ones. Their knowledge and experience were limited to the restricted rights of low-privileged accounts. Based on our findings, we offered recommendations to improve the UAC and LUA approaches. Since our study showed that users can benefit from UAC prompts, we investigated the information content for such prompts so that users can assess the risk of privilege elevation more accurately and consequently respond to the prompts correctly. We considered thirteen different information items for including on these prompts mostly based on the results of our first study. Our user study with 48 participants showed that program name, origin, description, digital certification, changes the program applies and the result of program scan by anti-virus are the most understandable, useful and preferred items for users. To avoid habituation, decrease cognitive load on users and improve users' response to the prompts, we recommend to employ a context-based UAC prompt which presents a subset of information items to users based on the context. A set of guidelines is provided for selecting the appropriate items in different contexts.
Genre
Thesis/Dissertation
Type
Text
Language
eng
Date Available
2011-10-26
Provider
Vancouver : University of British Columbia Library
Rights
Attribution-NonCommercial-NoDerivatives 4.0 International
DOI
10.14288/1.0072376
URI
http://hdl.handle.net/2429/38313
Degree
Master of Applied Science - MASc
Program
Electrical and Computer Engineering
Affiliation
Applied Science, Faculty of; Electrical and Computer Engineering, Department of
Degree Grantor
University of British Columbia
Graduation Date
2011-11
Campus
UBCV
Scholarly Level
Graduate
Rights URI
http://creativecommons.org/licenses/by-nc-nd/4.0/
Aggregated Source Repository
DSpace

Item Media

Item Citations and Data

Rights

Attribution-NonCommercial-NoDerivatives 4.0 International