William Eiers, G. Sankaran, Albert Li, Emily O'Mahony, Benjamin Prince, T. Bultan
Title: Quacky: Quantitative Access Control Permissiveness Analyzer
Venue: Proceedings of the 37th IEEE/ACM International Conference on Automated Software Engineering
Publication date: 2022-10-10
DOI: 10.1145/3551349.3559530 (https://doi.org/10.1145/3551349.3559530)
Citation count: 1
Abstract
quacky is a tool for quantifying permissiveness of access control policies in the cloud. Given a policy, quacky translates it into an SMT formula and uses a model counting constraint solver to quantify permissiveness. When given multiple policies, quacky not only determines which policy is more permissive, but also quantifies the relative permissiveness between the policies. With quacky, policy authors can automatically analyze complex policies, helping them ensure that there is no unintended access to private data. quacky supports access control policies written in the Amazon Web Services (AWS) Identity and Access Management (IAM), Microsoft Azure, and Google Cloud Platform (GCP) policy languages. It has command-line and web interfaces. It is open-source and available at https://github.com/vlab-cs-ucsb/quacky. Video URL: https://youtu.be/YsiGOI_SCtg.