Efficient Data Model Verification with Many-Sorted Logic (T)

Bocic, Ivan; Bultan, Tevfik

doi:10.1109/ase.2015.48

Cited by 4 publications

(3 citation statements)

References 16 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In order to detect access control bugs in Rails applications we implemented the approach outlined in Figure 2 in a tool called CanCheck 1 . This is an extension of our previous work [4,5,6] Figure 2: CanCheck tool architecture.…”

Section: Overviewmentioning

confidence: 75%

“…The contributions in this paper extend our previous work on data model verification [4,5,6]. This work focuses on verifying whether all actions in a Rails application preserve a set of user specified invariants that refer to data integrity.…”

Section: Related Workmentioning

confidence: 77%

“…First, we automatically extract an access control model from a given Rails application. This model is specified in an intermediate specification language that is based on earlier work in data model verification [4,6]. It includes information about the model classes, the set of possible roles and the access control policy, as well as actions defined in a high level imperative language.…”

Section: Overviewmentioning

confidence: 99%

See 2 more Smart Citations

Finding access control bugs in web applications with CanCheck

Bocic

Bultan

2016

Proceedings of the 31st IEEE/ACM International Conference on Automated Software Engineering

Self Cite

View full text Add to dashboard Cite

Access control bugs in web applications can have dire consequences since many web applications store private and sensitive data. In this paper we present an automated verification technique for access control in Ruby on Rails (Rails) applications. Our technique starts by automatically extracting a model that captures 1) the ways the data is accessed and modified by the application, 2) the access control policy of the application, and 3) the authorization checks used for access control policy enforcement. Then, it automatically translates this model to first order logic and uses automated theorem provers to check whether the declared access control policy is correctly enforced by the implementation. We implemented our technique in a tool called CanCheck. Using CanCheck on open source Rails applications, we found numerous previously unknown exploitable access control bugs as well as several deficiencies in access control policies.

show abstract

Section: Overviewmentioning

confidence: 75%

Section: Related Workmentioning

confidence: 77%

Section: Overviewmentioning

confidence: 99%

See 1 more Smart Citation