Automated verification of access control policies using a SAT solver

被引:66
|
作者
Graham Hughes
Tevfik Bultan
机构
[1] University of California,Computer Science Department
来源
International Journal on Software Tools for Technology Transfer | 2008年 / 10卷 / 6期
关键词
Access control; Automated verification;
D O I
10.1007/s10009-008-0087-9
中图分类号
学科分类号
摘要
Managing access control policies in modern computer systems can be challenging and error-prone. Combining multiple disparate access policies can introduce unintended consequences. In this paper, we present a formal model for specifying access to resources, a model that encompasses the semantics of the xacml access control language. From this model we define several ordering relations on access control policies that can be used to automatically verify properties of the policies. We present a tool for automatically verifying these properties by translating these ordering relations to Boolean satisfiability problems and then applying a sat solver. Our experimental results demonstrate that automated verification of xacml policies is feasible using this approach.
引用
收藏
页码:503 / 520
页数:17
相关论文
共 50 条
  • [41] Access Control Using Automated Face Recognition Based on the PCA & LDA algorithms
    Taleb, Imene
    Ouis, Mohamed El Amine
    Ould Mammar, Madani
    2014 4TH INTERNATIONAL SYMPOSIUM ISKO-MAGHREB: CONCEPTS AND TOOLS FOR KNOWLEDGE MANAGEMENT (ISKO-MAGHREB), 2014,
  • [42] Hybrid Access Control Model for IoT Environments: Formalization and Verification Using Timed Automata
    Mohammed Walid Krakallah
    Safia Nait-Bahloul
    SN Computer Science, 6 (3)
  • [43] Using OWL and SWRL to represent and reason with situation-based access control policies
    Beimel, Dizza
    Peleg, Mor
    DATA & KNOWLEDGE ENGINEERING, 2011, 70 (06) : 596 - 615
  • [44] Automated IT Audit of Windows Server Access Control
    Pongsrisomchai, Sutthinee
    Ngamsuriyaroj, Sudsanguan
    2019 21ST INTERNATIONAL CONFERENCE ON ADVANCED COMMUNICATION TECHNOLOGY (ICACT): ICT FOR 4TH INDUSTRIAL REVOLUTION, 2019, : 539 - 544
  • [45] Automated and Dynamic Access Control Management in OSN
    Abid, Sohail
    Daud, Imran
    4TH INTERNATIONAL CONFERENCE ON INNOVATIVE COMPUTING (IC)2, 2021, : 348 - 353
  • [46] Improving Reuse of Attribute-Based Access Control Policies Using Policy Templates
    Decat, Maarten
    Moeys, Jasper
    Lagaisse, Bert
    Joosen, Wouter
    ENGINEERING SECURE SOFTWARE AND SYSTEMS (ESSOS 2015), 2015, 8978 : 196 - 210
  • [47] Detecting covert channels in cloud access control policies using Large Language Models
    Karmarkar, Hrishikesh
    Joshi, Vaibhavi
    Venkatesh, R.
    2024 IEEE INTERNATIONAL CONFERENCE ON CYBER SECURITY AND RESILIENCE, CSR, 2024, : 241 - 246
  • [48] A Novel Approach for Prevention of SQL Injection Attacks Using Cryptography and Access Control Policies
    Selvamani, K.
    Kannan, A.
    ADVANCES IN POWER ELECTRONICS AND INSTRUMENTATION ENGINEERING, 2011, 148 : 26 - +
  • [49] Enabling Verification and Conformance Testing for Access Control Model
    Hu, Hongxin
    Ahn, Gail-Joon
    SACMAT'08: PROCEEDINGS OF THE 13TH ACM SYMPOSIUM ON ACCESS CONTROL MODELS AND TECHNOLOGIES, 2008, : 195 - 204
  • [50] Graph-based specification of access control policies
    Koch, M
    Mancini, LV
    Parisi-Presicce, F
    JOURNAL OF COMPUTER AND SYSTEM SCIENCES, 2005, 71 (01) : 1 - 33
12345