TY - GEN
T1 - Quantitative Policy Repair for Access Control on the Cloud
AU - Eiers, William
AU - Sankaran, Ganesh
AU - Bultan, Tevfik
N1 - Publisher Copyright:
© 2023 Owner/Author.
PY - 2023/7/12
Y1 - 2023/7/12
N2 - With the growing prevalence of cloud computing, providing secure access to information stored in the cloud has become a critical problem. Due to the complexity of access control policies, administrators may inadvertently allow unintended access to private information, and this is a common source of data breaches in cloud based services. In this paper, we present a quantitative symbolic analysis approach for automated policy repair in order to fix overly permissive policies. We encode the semantics of the access control policies using SMT formulas and assess their permissiveness using model counting. Given a policy, a permissiveness bound, and a set of requests that should be allowed, we iteratively repair the policy through permissiveness reduction and refinement, so that the permissiveness bound is reached while the given set of requests are still allowed. We demonstrate the effectiveness of our automated policy repair technique by applying it to policies written in Amazon's AWS Identity and Access Management (IAM) policy language.
AB - With the growing prevalence of cloud computing, providing secure access to information stored in the cloud has become a critical problem. Due to the complexity of access control policies, administrators may inadvertently allow unintended access to private information, and this is a common source of data breaches in cloud based services. In this paper, we present a quantitative symbolic analysis approach for automated policy repair in order to fix overly permissive policies. We encode the semantics of the access control policies using SMT formulas and assess their permissiveness using model counting. Given a policy, a permissiveness bound, and a set of requests that should be allowed, we iteratively repair the policy through permissiveness reduction and refinement, so that the permissiveness bound is reached while the given set of requests are still allowed. We demonstrate the effectiveness of our automated policy repair technique by applying it to policies written in Amazon's AWS Identity and Access Management (IAM) policy language.
KW - access control
KW - policy analysis
KW - policy repair
KW - quantitative analysis
UR - http://www.scopus.com/inward/record.url?scp=85167731175&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85167731175&partnerID=8YFLogxK
U2 - 10.1145/3597926.3598078
DO - 10.1145/3597926.3598078
M3 - Conference contribution
AN - SCOPUS:85167731175
T3 - ISSTA 2023 - Proceedings of the 32nd ACM SIGSOFT International Symposium on Software Testing and Analysis
SP - 564
EP - 575
BT - ISSTA 2023 - Proceedings of the 32nd ACM SIGSOFT International Symposium on Software Testing and Analysis
A2 - Just, Rene
A2 - Fraser, Gordon
T2 - 32nd ACM SIGSOFT International Symposium on Software Testing and Analysis, ISSTA 2023
Y2 - 17 July 2023 through 21 July 2023
ER -