Full Access with Errors
Classification Key
: Core Security, Information Disclosure
Problem
Some user interfaces offer different options based on the privilege level of the user. The designer of such a user interface faces the challenge that the revelation of the complete interface can cause a problem because the user may not have rights to invoke all functionality. Even the access rights might not be known in advance. This problem generalizes to any interface you design whenever there are multiple modes of usage, such as different access rights.
How do you present available functionality that might be partially inaccessible?
Solution
Design the application so users see everything that is available to them. When a user performs an operation, check if it is allowed. Generate error notifications if they try to access unauthorized operations.
Known Uses
Amazon lets the surfers view all the options. Authentication is required only before check-out.
Related Patterns
Limited Access, Policy Enforcement Point, Security Session
Source
Wiley Book
Tags
Access Control, User Interface, Authentication
|