RE: Request for comments on security of authentication/authorisation UIs
- From: "Dodier-Lazaro, Steve" <s dodier-lazaro 12 ucl ac uk>
- To: Allan Day <allanpday gmail com>
- Cc: "gnome-shell-list gnome org" <gnome-shell-list gnome org>, "gnome-keyring-list gnome org" <gnome-keyring-list gnome org>, "desktop-devel-list gnome org" <desktop-devel-list gnome org>
- Subject: RE: Request for comments on security of authentication/authorisation UIs
- Date: Sat, 29 Mar 2014 18:17:18 +0000
> Hey Steve!

Hi Allan,

> Thanks for reaching out about this. Speaking from a design point of
> view, having a more rigorous security model is something that we are
> extremely interested in at the moment, and this is something that
> Wayland has an obvious part to play in. There are also other
> technologies that will be needed, of course, particularly in relation
> to application sandboxing.
> I'm afraid we don't currently have a clear plan for how all the pieces
> will fit together, but we do have ideas and are looking to develop a
> concrete plan for the UX in the near future.

How does one keep informed about this? Where do I sign up?

> One relevant area is
> sharing [1], as the UX mechanism through which it is possible to share
> data between applications.

Interesting. It seems these UIs play a specific goal though, maybe better coined
as "Publishing" to specific destinations made compatible one by one. There are
many different models for how an app may process the user's data and how you could
combine apps. I've been trying to think of sandboxing in terms that don't involve
me having to figure out / describe / support these models at all but there is a
lot of research to do to find the right approach to data sharing for sandboxed apps.
There isn't a single existing product I'm happy with, but this is maybe off-topic
for now (very happy to discuss it elsewhere though).

> I think that, in general, we'd like to
> avoid Android-esque lists of permissions - since people tend not to
> read these at install time, and you really want to know what apps are
> trying to do in practice rather than giving blanket permissions
> upfront. At the same time, we want to avoid dialog overload - we don't
> want there to be so many authentication dialogs that it becomes
> annoying.
> Allan
> [1] https://wiki.gnome.org/Design/OS/Sharing

Agreed on both points!
--
Dodier-Lazaro
PhD student in Information Security
University College London
Dept. of Computer Science
Malet Place Engineering, 6.07
Gower Street, London WC1E 6BT
OpenPGP : 1B6B1670