Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
CCS
2011
ACM
2011
ACM
Automatic error finding in access-control policies
Verifying that access-control systems maintain desired security properties is recognized as an important problem in security. Enterprise access-control systems have grown to protect tens of thousands of resources, and there is a need for verification to scale commensurately. We present straction-refinement technique for automatically finding errors in Administrative Role-Based Access Control (ARBAC) security policies. ARBAC is the first and most comprehensive administrative scheme for Role-Based Access Control (RBAC) systems. Underlying our approach is a change in mindset: we propose that error finding complements verification, can be more scalable, and allows for the use of a wider variety of techniques. In our approach, we use an abstraction-refinement technique to first identify and discard roles that are unlikely to be relevant to the verification question (the abstraction step), and then restore such abstracted roles incrementally (the refinement steps). Errors sided: i...
Real-time TrafficCCS 2011 | Enterprise Access Control | Information Systems Security | Security Privacy | State Space Exploration |
| Added | 13 Dec 2011 |
| Updated | 13 Dec 2011 |
| Type | Journal |
| Year | 2011 |
| Where | CCS |
| Authors | Karthick Jayaraman, Vijay Ganesh, Mahesh V. Tripunitara, Martin C. Rinard, Steve J. Chapin |
Comments (0)
Researcher Info
|
