Automated Analysis of Scenario-Based Specifications of Distributed Access Control Policies with Non-mechanizable Activities

Barletta, Michele; Ranise, Silvio; Viganò, Luca

doi:10.1007/978-3-642-38004-4_4

Cited by 3 publications

(2 citation statements)

References 26 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Barletta et al [17] give a model checking algorithm for bounded-length reachability for access control systems (ACSs). In their work, the set of rules is fixed, and abductive analysis is not considered.…”

Section: Administration Of Rule-based Policiesmentioning

confidence: 99%

Abductive Analysis of Administrative Policies in Rule-Based Access Control

Gupta

Stoller

2014

IEEE Trans. Dependable and Secure Comput.

View full text Add to dashboard Cite

In large organizations, access control policies are managed by multiple users (administrators). An administrative policy specifies how each user in an enterprise may change the policy. Fully understanding the consequences of an administrative policy in an enterprise system can be difficult, because of the scale and complexity of the access control policy and the administrative policy, and because sequences of changes by different users may interact in unexpected ways. Administrative policy analysis helps by answering questions such as user-permission reachability, which asks whether specified users can together change the policy in a way that achieves a specified goal, namely, granting a specified permission to a specified user. This paper presents a rule-based access control policy language, a rule-based administrative policy model that controls addition and removal of facts and rules, and an abductive analysis algorithm for user-permission reachability. Abductive analysis means that the algorithm can analyze policy rules even if the facts initially in the policy (e.g., information about users) are unavailable. The algorithm does this by computing minimal sets of facts that, if present in the initial policy, imply reachability of the goal.

show abstract

Section: Administration Of Rule-based Policiesmentioning

confidence: 99%

Abductive Analysis of Administrative Policies in Rule-Based Access Control

Gupta

Stoller

2014

IEEE Trans. Dependable and Secure Comput.

View full text Add to dashboard Cite

show abstract

“…Entity/relationship diagram depicting the entities (rectangles) and relations (diamonds) involved in the various access control schemes discussed in the paper 2. …”

mentioning

confidence: 99%

Sorting out role based access control

Kuijper

Ermolaev

2014

Proceedings of the 19th ACM Symposium on Access Control Models and Technologies

View full text Add to dashboard Cite

Role-based access control (RBAC) is a popular framework for modelling access control rules. In this paper we identify a fragment of RBAC called bi-sorted role based access control (RBÄC). We start from the observation that "classic" RBAC blends together subject management aspects and permission management aspects into a single object of indirection: a role. We posit there is merit in distinguishing these administrative perspectives and consequently introducing two distinct objects of indirection: the proper role (which applies solely to subjects) and the demarcation (which applies solely to permissions). We then identify a third administrative perspective called access management where the two are linked up. In this way we enhance organisational scalability by decoupling the tasks of maintaining abstractions over the set of subjects (assignment of subjects into proper roles), maintaining abstractions over the set of permissions (assignment of permissions into demarcations), and maintaining abstract access control policy (granting proper roles access to demarcations). Moreover, the latter conceptual refinement naturally leads us to the introduction of negative roles (and, dually, negative demarcations). The relevance of the four-sorted extension called polarized, bi-sorted role based access control (R ± BÄC), in a semantic sense, is further supported by the existence of Galois connections between sets of subjects and permissions and between positive and negative roles.

show abstract

The SPaCIoS Project: Secure Provision and Consumption in the Internet of Services

Viganò

2013

2013 IEEE Sixth International Conference on Software Testing, Verification and Validation

View full text Add to dashboard Cite

We describe the SPaCIoS project, illustrating its main objectives, the results obtained so far and those that we expect to achieve, in particular, the development of the SPaCIoS Tool, an integrated platform that takes as input a formal description of the system under validation, the expected security goals, and a description of the capabilities of the attacker, and automatically generates and executes a sequence of test cases on the system through a number of proxies.The vision of the Internet of Services (IoS) entails a major paradigm shift in the way ICT systems and applications are designed, implemented, deployed and consumed: they are no longer the result of programming components in the traditional meaning but are built by composing services that are distributed over the network and aggregated and consumed at run-time in a demand-driven, flexible way. In the IoS, services are business functionalities that are designed and implemented by producers, deployed by providers, aggregated by intermediaries and used by consumers. However, the new opportunities opened by the IoS will only materialize if concepts, techniques and tools are provided to ensure security.State-of-the-art security validation technologies, when used in isolation, do not provide automated support to the discovery of important vulnerabilities and associated exploits that are already plaguing complex web-based securitysensitive applications, and thus severely affect the development of the IoS. Moreover, security validation should be applied not only at production time but also when services are deployed and consumed.Tackling these challenges is the main objective of the SPaCIoS project, an unprecedented effort from academia and industry that has been laying the technological foundations for a new generation of analyzers for automated security validation at service provision and consumption time, thereby significantly improving the security of the IoS. This is being achieved by developing and combining state-of-the-art technologies for penetration testing, security testing, automatic learning, model checking and related automated reasoning techniques. We have thus been developing both techniques for property-driven security testing, a variant of testing The work presented in this paper was supported by the

show abstract

Automated Analysis of Scenario-Based Specifications of Distributed Access Control Policies with Non-mechanizable Activities

Cited by 3 publications

References 26 publications

Abductive Analysis of Administrative Policies in Rule-Based Access Control

Abductive Analysis of Administrative Policies in Rule-Based Access Control

Sorting out role based access control

The SPaCIoS Project: Secure Provision and Consumption in the Internet of Services

Contact Info

Product

Resources

About