Automated verification of access control policies using a SAT solver

被引:66
|
作者
Graham Hughes
Tevfik Bultan
机构
[1] University of California,Computer Science Department
来源
International Journal on Software Tools for Technology Transfer | 2008年 / 10卷 / 6期
关键词
Access control; Automated verification;
D O I
10.1007/s10009-008-0087-9
中图分类号
学科分类号
摘要
Managing access control policies in modern computer systems can be challenging and error-prone. Combining multiple disparate access policies can introduce unintended consequences. In this paper, we present a formal model for specifying access to resources, a model that encompasses the semantics of the xacml access control language. From this model we define several ordering relations on access control policies that can be used to automatically verify properties of the policies. We present a tool for automatically verifying these properties by translating these ordering relations to Boolean satisfiability problems and then applying a sat solver. Our experimental results demonstrate that automated verification of xacml policies is feasible using this approach.
引用
收藏
页码:503 / 520
页数:17
相关论文
共 50 条
  • [31] Automatically Reducing Privilege for Access Control Policies
    D'Antoni, Loris
    Ding, Shuo
    Goel, Amit
    Ramesh, Mathangi
    Rungta, Neha
    Sung, Chungha
    Proceedings of the ACM on Programming Languages, 2024, 8 (OOPSLA2)
  • [32] Oblivious Transfer with Hidden Access Control Policies
    Camenisch, Jan
    Dubovitskaya, Maria
    Neven, Gregory
    Zaverucha, Gregory M.
    PUBLIC KEY CRYPTOGRAPHY - PKC 2011, 2011, 6571 : 192 - +
  • [33] Data Sharing in Presence of Access Control Policies
    Agoun, Juba
    Hacid, Mohand-Said
    ON THE MOVE TO MEANINGFUL INTERNET SYSTEMS: OTM 2019 CONFERENCES, 2019, 11877 : 301 - 309
  • [34] Detecting Inconsistency and Incompleteness in Access Control Policies
    Zhang, Hongbin
    Ma, Pengcheng
    Wang, Meihua
    CLOUD COMPUTING AND SECURITY, PT II, 2018, 11064 : 731 - 739
  • [35] On the Decidability of the Safety Problem for Access Control Policies
    Kleiner, E.
    Newcomb, T.
    ELECTRONIC NOTES IN THEORETICAL COMPUTER SCIENCE, 2007, 185 : 107 - 120
  • [36] POSTER: Analyzing Access Control Policies with SMT
    Turkmen, Fatih
    den Hartog, Jerry
    Zannone, Nicola
    CCS'14: PROCEEDINGS OF THE 21ST ACM CONFERENCE ON COMPUTER AND COMMUNICATIONS SECURITY, 2014, : 1508 - 1510
  • [37] Detecting conflict of heterogeneous access control policies
    Yu, Mingjie
    Li, Fenghua
    Yu, Nenghai
    Wang, Xiao
    Guo, Yunchuan
    DIGITAL COMMUNICATIONS AND NETWORKS, 2022, 8 (05) : 664 - 679
  • [38] Towards Automatic Repair of Access Control Policies
    Xu, Dianxiang
    Peng, Shuai
    2016 14TH ANNUAL CONFERENCE ON PRIVACY, SECURITY AND TRUST (PST), 2016,
  • [39] Governance policies for privacy access control and their interactions
    Hassan, W
    Logrippo, L
    FEATURE INTERACTIONS IN TELECOMMUNICATIONS AND SOFTWARE SYSTEMS VIII, 2005, : 114 - 130
  • [40] A Study on Automated Context-aware Access Control Model Using Ontology
    Jang, Bokman
    Jang, Hyokyung
    Choi, Euiin
    ADVANCED COMPUTER SCIENCE AND INFORMATION TECHNOLOGY, 2010, 74 : 179 - 186
12345