Automatic error finding in access-control policies

Proceedings of the ACM Conference on Computer and Communications Security

Volumn , Issue , 2011, Pages 163-174

  Jayaraman, Karthick ^a   Ganesh, Vijay ^b   Tripunitara, Mahesh ^c   Rinard, Martin ^b   Chapin, Steve ^d  

^a MICROSOFT   (United States)

^b MASSACHUSETTS INSTITUTE OF TECHNOLOGY   (United States)

^c UNIVERSITY OF WATERLOO   (Canada)

^d SYRACUSE UNIVERSITY   (United States)

Author keywords

Security; Verification

Indexed keywords

ABSTRACTION-REFINEMENT; GRAPH DIAMETER; ORDERS OF MAGNITUDE; POLICY ANALYSIS; REFINEMENT STEP; ROLE-BASED ACCESS CONTROL; SECURITY; SECURITY POLICY; SECURITY PROPERTIES; STATE SPACE EXPLORATION;

ABSTRACTING; COMPUTER CONTROL SYSTEMS; CONTROL SYSTEMS; DISTRIBUTED COMPUTER SYSTEMS; ERRORS; MODEL CHECKING; SECURITY SYSTEMS; SPACE RESEARCH;

ACCESS CONTROL;

EID: 80755168364     PISSN: 15437221     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/2046707.2046727     Document Type: Conference Paper

References (48)

1. Aveska. http://www.aveksa.com/solutions/access-control-automation.cfm.
2. SailPoint. http://www.sailpoint.com/product/compliance-manager/policy- enforcement.php.
3. P. Ammann and R. Sandhu. Safety analysis for the extended schematic protection model. IEEE Symposium on Security and Privacy, 1991.
4. T. Ball and S. K. Rajamani. The SLAM project: debugging system software via static analysis. In POPL '02: Proc. of the 29th ACM symposium on Principles of programming languages, New York, NY, USA, 2002. ACM.
5. T. A. Budd. Safety in grammatical protection systems. Intl. Journal of Parallel Programming, 12(6):413-431, 1983.
6. E. Clarke, O. Grumberg, S. Jha, Y. Lu, and H. Veith. Counterexample- guided abstraction refinement for symbolic model checking. J. ACM, 50(5):752-794, 2003.
7. E. Clarke, D. Kroening, J. Ouaknine, and O. Strichman. The completeness threshold for bounded model checking.
8. E. M. Clarke, O. Grumberg, and D. A. Peled. Model Checking. The MIT Press, 1999.
9. J. Crampton and G. Loizou. Administrative scope: A foundation for role-based administrative models. ACM Trans. Inf. Syst. Secur., 6(2):201-231, 2003.
10. D. F. Ferraiolo, D. R. Kuhn, and R. Chandramouli. Role-Based Access Control. Artech House, Inc., Norwood, MA, USA, 2003.
11. K. Fisler, S. Krishnamurthi, L. A. Meyerovich, and M. C. Tschantz. Verification and change-impact analysis of access-control policies. In ICSE '05: Proc. of the 27th Intl. conference on Software engineering, 2005. ACM.
12. V. Ganesh and D. L. Dill. A decision procedure for bitvectors and arrays. In Computer Aided Verification, LNCS, 2007.
13. M. I. Gofman, R. Luo, A. C. Solomon, Y. Zhang, P. Yang, and S. D. Stoller. Rbac-pat: A policy analysis tool for role based access control. In Proc. of the 15th Intl. Conference on Tools and Algorithms for the Construction and Analysis of Systems (TACAS), volume 5505, Springer-Verlag, 2009.
14. M. I. Gofman, R. Luo, and P. Yang. User-role reachability analysis of evolving administrative role based access control. In Proc. of the 15th European conference on Research in computer security, Berlin, Heidelberg, 2010. Springer-Verlag.
15. G. S. Graham and P. J. Denning. Protection - principles and practice. In Proc. of the AFIPS Spring Joint Computer Conference, volume 40, AFIPS Press, May 1972.
16. M. A. Harrison and W. L. Ruzzo. Monotonic protection systems. Foundations of Secure Computation, 1978.
17. M. A. Harrison, W. L. Ruzzo, and J. D. Ullman. On protection in operating systems. In SOSP '75: Proc. of the fifth ACM symposium on Operating systems principles, 1975. ACM.
18. H. Hu and G. Ahn. Enabling verification and conformance testing for access control model. In SACMAT '08: Proc. of the 13th ACM symposium on Access control models and technologies, New York, NY, USA, 2008. ACM.
19. V. C. Hu, D. R. Kuhn, and T. Xie. Property verification for generic access control models. In EUC '08: Proc. of the 2008 IEEE/IFIP Intl. Conference on Embedded and Ubiquitous Computing, 2008. IEEE Computer Society.
20. G. Hughes and T. Bultan. Automated verification of access control policies using a sat solver. Int. J. Softw. Tools Technol. Transf., 10(6):503-520, 2008.
21. S. Jha, N. Li, M. Tripunitara, Q. Wang, and W. Winsborough. Towards formal verification of role-based access control policies. IEEE Trans. Dependable Secur. Comput., 5(4):242-255, 2008.
22. S. Jha and T. W. Reps. Model Checking SPKI/SDSI. Journal of Computer Security, 12(3-4):317-353, 2004.
23. S. Jha, S. Schwoon, H. Wang, and T. Reps. Weighted Pushdown Systems and Trust-Management Systems. In Proc. of TACAS, New York, NY, USA, 2006. Springer-Verlag.
24. A. K. Jones, R. J. Lipton, and L. Snyder. A linear time algorithm for deciding security. In SFCS '76: Proc. of the 17th Annual Symposium on Foundations of Computer Science, Washington, DC, USA, 1976. IEEE Computer Society.
25. A. Kern. Advanced features for enterprise-wide role-based access control. In ACSAC '02: Proc. of the 18th Annual Computer Security Applications Conference, Washington, DC, USA, 2002. IEEE Computer Society.
26. V. Kolovski, J. Hendler, and B. Parsia. Analyzing web access control policies. In WWW '07: Proc. of the 16th Intl. conference on World Wide Web, 2007. ACM.
27. D. Kroening. Computing over-approximations with bounded model checking. Electron. Notes Theor. Comput. Sci., 144:79-92, January 2006. (Pubitemid 43060062)
28. N. Li, J. C. Mitchell, and W. H. Winsborough. Beyond proof-of-compliance: security analysis in trust management. J. ACM, 52(3):474-514, 2005. (Pubitemid 43078378)
29. N. Li and M. V. Tripunitara. Security analysis in role-based access control. In SACMAT '04: Proc. of the ninth ACM symposium on Access control models and technologies, New York, NY, USA, 2004. ACM.
30. N. Li and M. V. Tripunitara. Security analysis in role-based access control. ACM Trans. Inf. Syst. Secur., 9(4):391-420, 2006. (Pubitemid 44927156)
31. E. Martin and T. Xie. A fault model and mutation testing of access control policies. In WWW '07: Proc. of the 16th Intl. conference on World Wide Web, 2007. ACM.
32. R. Motwani, R. Panigrahy, V. Saraswat, and S. Ventkatasubramanian. On the decidability of accessibility problems (extended abstract). In STOC '00: Proc. of the thirty-second annual ACM symposium on Theory of computing, New York, NY, USA, 2000. ACM.
33. NuSMV. http://nusmv.irst.itc.it/.
34. P. Rao, D. Lin, and E. Bertino. XACML function annotations. In POLICY '07: Proc. of the Eighth IEEE Intl. Workshop on Policies for Distributed Systems and Networks, Washington, DC, USA, 2007. IEEE Computer Society.
35. J. H. Saltzer and M. D. Schroeder. The protection of information in computer systems. Proc. of the IEEE, 1975.
36. R. Sandhu, V. Bhamidipati, and Q. Munawer. The arbac97 model for role-based administration of roles. ACM Trans. Inf. Syst. Secur., 2(1):105-135, 1999.
37. R. S. Sandhu. The typed access matrix model. In Proc. IEEE Symposium on Research in Security and Privacy, 1992.
38. R. S. Sandhu, E. J. Coyne, H. L. Feinstein, and C. E. Youman. Role-based access control models. IEEE Computer, 29(2):38-47, 1996.
39. A. Sasturkar, P. Yang, S. D. Stoller, and C. Ramakrishnan. Policy analysis for administrative role based access control. In Proc. of the 19th Computer Security Foundations Workshop. IEEE Computer Society Press, July 2006.
40. A. Sasturkar, P. Yang, S. D. Stoller, and C. Ramakrishnan. Policy analysis for administrative role based access control. Technical report, Stony Brook University, 2006.
41. A. Schaad, J. Moffett, and J. Jacob. The role-based access control system of a european bank: a case study and discussion. In SACMAT '01: Proc. of the sixth ACM symposium on Access control models and technologies, New York, NY, USA, 2001. ACM.
42. Security Architect of a Leading Bank. Personal communication, 2010.
43. K. Sohr, M. Drouineaud, G.-J. Ahn, and M. Gogolla. Analyzing and managing role-based access control policies. IEEE Transactions on Knowledge and Data Engineering, 20:924-939, 2008.
44. J. A. Solworth and R. H. Sloan. A layered design of discretionary access controls with decidable safety properties. IEEE Symposium on Security and Privacy, 2004.
45. M. Soshi. Safety analysis of the dynamic-typed access matrix model. In Computer Security - ESORICS 2000, LNCS, Springer Berlin / Heidelberg, 2000.
46. S. D. Stoller, P. Yang, C. R. Ramakrishnan, and M. I. Gofman. Efficient policy analysis for administrative role based access control. In CCS '07: Proc. of the 14th ACM conference on Computer and communications security, 2007. ACM.
47. N. Zhang, M. Ryan, and D. P. Guelev. Synthesising verified access control systems through model checking. J. Comput. Secur., 16(1):1-61, 2008. (Pubitemid 350264869)
48. C. Zhao, N. Heilili, S. Liu, and Z. Lin. Representation and reasoning on rbac: A description logic approach. In ICTAC'05: Proc. of the 2nd Intl. Colloquium on Theoretical Aspects of Computing, LNCS, Springer, 2005.