Date Added: Jul 2009
Existing technologies for file sharing differ widely in the granularity of control they give users over who can access their data; achieving finer-grained control generally requires more user effort. The authors want to understand what level of control users need over their data, by examining what sorts of access policies users actually create in practice. They used automated data mining techniques to examine the real-world use of access control features present in standard document sharing systems in a corporate environment as used over a long (> 10 year) time span. They find that while users rarely need to change access policies, the policies they do express are actually quite complex.