多模型访问控制属性的有效验证

Proceedings of the 24th ACM Symposium on Access Control Models and Technologies Pub Date : 2019-05-28 DOI:10.1145/3322431.3325105

Bernhard J. Berger, Christian Maeder, Rodrigue Wete Nguempnang, K. Sohr, Carlos E. Rubio-Medrano

{"title":"多模型访问控制属性的有效验证","authors":"Bernhard J. Berger, Christian Maeder, Rodrigue Wete Nguempnang, K. Sohr, Carlos E. Rubio-Medrano","doi":"10.1145/3322431.3325105","DOIUrl":null,"url":null,"abstract":"Many existing software systems like logistics systems or enterprise applications employ data security in a more or less ad hoc fashion. Our approach focuses on access control such as permission-based discretionary access control (DAC), variants of role-based access control (RBAC) with delegation, and attribute-based access control (ABAC). Typically, software systems implement hybrid access control making an effective security analysis and assessment rather difficult. We propose an analysis methodology to reconstruct access control using a novel modular access control model. Our modular approach allows us to flexibly model exactly those access properties that are relevant for a given system. As formalism we use the Object Constraint Language (OCL) with Ecore from the Eclipse Modeling Framework (EMF). We demonstrate the suitability of our access control model for three software systems: a port community system (PCS), a clinical information system (CIS), and an identity management system (IdMS). For the PCS and CIS we model concrete roles and policies. For the IdMS we evaluate our analysis methodology in-depth by reconstructing access control policies from byte code using the Soot analysis framework as well as model transformation techniques (QVTo). The resulting model helped us to identify design deficiencies. Violated OCL invariants such as for mutually exclusive roles or cardinality constraints revealed non-trivial security vulnerabilities.","PeriodicalId":435953,"journal":{"name":"Proceedings of the 24th ACM Symposium on Access Control Models and Technologies","volume":"128 1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2019-05-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"Towards Effective Verification of Multi-Model Access Control Properties\",\"authors\":\"Bernhard J. Berger, Christian Maeder, Rodrigue Wete Nguempnang, K. Sohr, Carlos E. Rubio-Medrano\",\"doi\":\"10.1145/3322431.3325105\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Many existing software systems like logistics systems or enterprise applications employ data security in a more or less ad hoc fashion. Our approach focuses on access control such as permission-based discretionary access control (DAC), variants of role-based access control (RBAC) with delegation, and attribute-based access control (ABAC). Typically, software systems implement hybrid access control making an effective security analysis and assessment rather difficult. We propose an analysis methodology to reconstruct access control using a novel modular access control model. Our modular approach allows us to flexibly model exactly those access properties that are relevant for a given system. As formalism we use the Object Constraint Language (OCL) with Ecore from the Eclipse Modeling Framework (EMF). We demonstrate the suitability of our access control model for three software systems: a port community system (PCS), a clinical information system (CIS), and an identity management system (IdMS). For the PCS and CIS we model concrete roles and policies. For the IdMS we evaluate our analysis methodology in-depth by reconstructing access control policies from byte code using the Soot analysis framework as well as model transformation techniques (QVTo). The resulting model helped us to identify design deficiencies. Violated OCL invariants such as for mutually exclusive roles or cardinality constraints revealed non-trivial security vulnerabilities.\",\"PeriodicalId\":435953,\"journal\":{\"name\":\"Proceedings of the 24th ACM Symposium on Access Control Models and Technologies\",\"volume\":\"128 1 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2019-05-28\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the 24th ACM Symposium on Access Control Models and Technologies\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3322431.3325105\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 24th ACM Symposium on Access Control Models and Technologies","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3322431.3325105","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 1

摘要

许多现有的软件系统，如物流系统或企业应用程序，或多或少都以一种临时的方式使用数据安全。我们的方法侧重于访问控制，如基于权限的任意访问控制(DAC)、带有委托的基于角色的访问控制(RBAC)变体和基于属性的访问控制(ABAC)。通常，软件系统实现混合访问控制，使得有效的安全分析和评估相当困难。我们提出了一种分析方法，利用一种新的模块化访问控制模型来重构访问控制。我们的模块化方法使我们能够灵活地对与给定系统相关的访问属性进行精确建模。作为形式化方法，我们使用对象约束语言(OCL)和来自Eclipse建模框架(EMF)的Ecore。我们展示了我们的访问控制模型对三个软件系统的适用性:港口社区系统(PCS)、临床信息系统(CIS)和身份管理系统(IdMS)。对于PCS和CIS，我们对具体的角色和策略进行建模。对于IdMS，我们通过使用Soot分析框架和模型转换技术(QVTo)从字节码重构访问控制策略，深入评估了我们的分析方法。最终的模型帮助我们识别设计缺陷。违反OCL不变量(如互斥角色或基数约束)会暴露出严重的安全漏洞。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Towards Effective Verification of Multi-Model Access Control Properties

Many existing software systems like logistics systems or enterprise applications employ data security in a more or less ad hoc fashion. Our approach focuses on access control such as permission-based discretionary access control (DAC), variants of role-based access control (RBAC) with delegation, and attribute-based access control (ABAC). Typically, software systems implement hybrid access control making an effective security analysis and assessment rather difficult. We propose an analysis methodology to reconstruct access control using a novel modular access control model. Our modular approach allows us to flexibly model exactly those access properties that are relevant for a given system. As formalism we use the Object Constraint Language (OCL) with Ecore from the Eclipse Modeling Framework (EMF). We demonstrate the suitability of our access control model for three software systems: a port community system (PCS), a clinical information system (CIS), and an identity management system (IdMS). For the PCS and CIS we model concrete roles and policies. For the IdMS we evaluate our analysis methodology in-depth by reconstructing access control policies from byte code using the Soot analysis framework as well as model transformation techniques (QVTo). The resulting model helped us to identify design deficiencies. Violated OCL invariants such as for mutually exclusive roles or cardinality constraints revealed non-trivial security vulnerabilities.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Proceedings of the 24th ACM Symposium on Access Control Models and Technologies

自引率

0.00%

发文量