Timothy L. Hinrichs scite author profile

Parameter tampering attacks are dangerous to a web application whose server fails to replicate the validation of user-supplied data that is performed by the client in web forms. Malicious users who circumvent the client can capitalize on the missing server validation. In this paper, we provide a formal description of parameter tampering vulnerabilities and a high level approach for their detection. We specialize this high level approach to develop complementary detection solutions in two interesting settings: blackbox (only analyze client-side code in web forms) and whitebox (also analyze server-side code that processes submitted web forms). This paper presents interesting challenges encountered in realizing the high level approach for each setting and novel technical contributions that address these challenges. We also contrast utility, difficulties and effectiveness issues in both settings and provide a quantitative comparison of results. Our experiments with real world and open source applications demonstrate that parameter tampering vulnerabilities are prolific (total 47 in 9 applications), and their exploitation can have serious consequences including unauthorized transactions, account hijacking and financial losses. We conclude this paper with a discussion on countermeasures for parameter tampering attacks and present a detailed survey of existing defenses and their suitability.

show abstract

Practical declarative network management

Hinrichs

Gude

Casado

et al. 2009

157

View full text Add to dashboard Cite

We present FML, a declarative policy language for managing the configuration of enterprise networks. FML was designed to replace the many disparate configuration mechanisms traditionally used to enforce policies within the enterprise. These include ACLs, VLANs, NATs, policy-routing, and proprietary admission control systems. FML balances the desires to express policies naturally and enforce policies efficiently. We have implemented FML and have used it to manage multiple operational enterprise networks for over a year.

show abstract

Application-Sensitive Access Control Evaluation Using Parameterized Expressiveness

Hinrichs

Martinoia

Garrison

et al. 2013

View full text Add to dashboard Cite

Access control schemes come in all shapes and sizes, which makes choosing the right one for a particular application a challenge. Yet today's techniques for comparing access control schemes completely ignore the setting in which the scheme is to be deployed. In this paper, we present a formal framework for comparing access control schemes with respect to a particular application. The analyst's main task is to evaluate an access control scheme in terms of how well it implements a given access control workload (a formalism that we introduce to represent an application's access control needs). One implementation is better than another if it has stronger security guarantees, and in this paper we introduce several such guarantees: correctness, homomorphism, AC-preservation, safety, administrationpreservation, and compatibility. The scheme that admits the implementation with the strongest guarantees is deemed the best fit for the application. We demonstrate the use of our framework by evaluating two workloads on ten different access control schemes.Index Terms-access control; evaluation; state machine; parameterized expressiveness • assignUser(a,b): add UR(a, b) to the state • revokeUser(a,b): remove UR(a, b) from the state • assignPermission(a,b,c

show abstract

TBA : A Hybrid of Logic and Extensional Access Control Systems

Hinrichs

Garrison

Lee

et al. 2012

View full text Add to dashboard Cite

Logical policy-based access control models are greatly expressive and thus provide the flexibility for administrators to represent a wide variety of authorization policies. Extensional access control models, on the other hand, utilize simple data structures to better enable a less trained and non-administrative workforce to participate in the day-to-day operations of the system. In this paper, we formally study a hybrid approach, tag-based authorization (TBA), which combines the ease of use of extensional systems while still maintaining a meaningful degree of the expressiveness of logical systems. TBA employs an extensional data structure to represent metadata tags associated with subjects and objects, as well as a logical language for defining the access control policy in terms of those tags. We formally define TBA and introduce variants that include tag ontologies and delegation. We evaluate the resulting system by comparing to well-known extensional and logical access control models.

show abstract

An actor-based, application-aware access control evaluation framework

Garrison

Lee

Hinrichs

2014

View full text Add to dashboard Cite

To date, most work regarding the formal analysis of access control schemes has focused on quantifying and comparing the expressive power of a set of schemes. Although expressive power is important, it is a property that exists in an absolute sense, detached from the application context within which an access control scheme will ultimately be deployed. By contrast, we formalize the access control suitability analysis problem, which seeks to evaluate the degree to which a set of candidate access control schemes can meet the needs of an application-specific workload. This process involves both reductions to assess whether a scheme is capable of implementing a workload (qualitative analysis), as well as cost analysis using ordered measures to quantify the overheads of using each candidate scheme to service the workload (quantitative analysis). We formalize the two-facet suitability analysis problem, which formally describes this task. We then develop a mathematical framework for this type of analysis, and evaluate this framework both formally, by quantifying its efficiency and accuracy properties, and practically, by exploring an academic program committee workload.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.