WebApp Sec mailing list archives

What Would Disney Do ?


From: "Mark Curphey" <mark () curphey com>
Date: Wed, 28 Jul 2004 10:03:10 -0400

Yesterday's discussion about SSL login pages got me thinking about ways to
make it easy for users to do the right thing and hard to do the wrong thing.
I found some security architecture slides on the floptop from ages ago (I
don't recall where the original text should be contributed to).

Disney
Many people visit Disney World and have a good time because their
surroundings are controlled. This in turn makes it easier to control
people's behavior and minimize problems. By using physical barriers and
having a cheerful staff, Disney World makes it easy for visitors to conform
and "do the right thing". 

- Physical barriers (fountains, flower gardens) 
- Limit the choices people can make about where to walk 
- Guests are given constant instruction to minimize disorder 
- Guests are constantly under surveillance by employees 
- Many exhibits are only viewed through riding in a vehicle
- Order is maintained through voluntary activity

The control at Disney World is subtle and embedded in the routine activities
of employees and visitors. It is designed to prevent any disorder and make
everyone's visit as enjoyable as possible.

Some of these things of course could be tied to the architectural patterns
discussed last week (limited view etc.).

Just thought it was an interesting anecdote.

