Lessons Learned From the Deployment of a Smartphone-Based Access-Control System

July 19, 2007 by Richard Conlan

http://cups.cs.cmu.edu/soups/2007/proceedings/p64_bauer.pdf

Grey is a smartphone-based discretionary access-control system developed at CMU that allows for various forms of physical and digital access.  The user can select, from the cell phone screen, the resource for which to present authorization, and the cell phone transmits a credential to the reader guarding the resource.  If the user does not directly have access, she can send a request to somebody who does have access and is able to grant discretionary access.

The researchers ran a year-long trial of the system with 19 users solicited from the CMU population.  At CMU Grey covers 5 perimeter doors, 11 offices, 2 storage closets, 1 lab, and 1 conference room.  The users were interviewed before the study concerning their security practices and types of resources managed and needed, with additional interviews conducted roughly monthly throughout the study.  During the study period there were 19,5000 Grey access attempts with the average user interacting with ~7.4 Grey-protected resources.

Toward the beginning of the study, users complained about the speed of the system.  Because the developers knew that Grey and keys required similar amounts of time to open a door, the researchers videotaped a highly trafficked door to better understand how doors are opened differently with Grey and with keys.  During this videotape session they recorded 18 users (5 Grey / 13 keys).  They found that with keys it took approximately 14.7 seconds to open the door vs. 15.1 seconds with Grey.  So why the perceived difference?  The finding was that users' impression of elapsed time with keys didn't include fumbling for the keys and removing the key from the lock, because they were actively involved throughout, whereas Grey involved some periods of pure waiting.

Other findings from the study included:

  • a single failure would have a significant effect on adoption because the cost of failure is potentially very high
  • delays can be interpreted as failures even when the system is functioning perfectly because of human lag on the other end in discretionary access situations
  • users would rather choose a suboptimal solution they understand than one with an uncertain outcome
  • systems that benefit from the network effect often don’t work well with a small user population
  • using Grey, participants granted more access than they did previously
  • some participants were thrilled to be able to open an office door without standing up and to unlock a nearby door without going over to it
  • education and background seemed to have little effect on usage