research-article

Discovering access-control misconfigurations: new approaches and evaluation methodologies

Authors:

Michael K. Reiter,

Chad SpenskyAuthors Info & Claims

CODASPY '12: Proceedings of the second ACM conference on Data and Application Security and Privacy

Pages 95 - 104

https://doi.org/10.1145/2133601.2133613

Published: 07 February 2012 Publication History

Abstract

Accesses that are not permitted by implemented policy but that share similarities with accesses that have been allowed, may be indicative of access-control policy misconfigurations. Identifying such misconfigurations allows administrators to resolve them before they interfere with the use of the system. We improve upon prior work in identifying such misconfigurations in two main ways. First, we develop a new methodology for evaluating misconfiguration prediction algorithms and applying them to real systems. We show that previous evaluations can substantially overestimate the benefits of using such algorithms in practice, owing to their tendency to reward predictions that can be deduced to be redundant. We also show, however, that these and other deductions can be harnessed to substantially recover the benefits of prediction. Second, we propose an approach that significantly simplifies the use of misconfiguration prediction algorithms. We remove the need to hand-tune (and empirically determine the effects of) various parameters, and instead replace them with a single, intuitive tuning parameter. We show empirically that this approach is generally competitive in terms of benefit and accuracy with algorithms that require hand-tuned parameters.

References

[1]

M. Abedin, S. Nessa, L. Khan, E. Al-Shaer, and M. Awad. Analysis of firewall policy rules using traffic mining techniques. International Journal of Internet Protocol Technology, 5:3--22, Apr. 2010.

Digital Library

[2]

R. Agrawal, T. Imielinski, and A. Swami. Mining association rules between sets of items in large databases. In ACM SIGMOD International Conference on Management of Data, pages 207--216, May 1993.

Digital Library

[3]

E. S. Al-Shaer and H. H. Hamed. Discovery of policy anomalies in distributed firewalls. In 23rd INFOCOM, March 2004.

[4]

A. W. Appel and E. W. Felten. Proof-carrying authentication. In 6th ACM Conference on Computer and Communications Security, 1999.

Digital Library

[5]

Y. Bartal, A. J. Mayer, K. Nissim, and A. Wool. Firmato: A novel firewall management toolkit. In 1999 IEEE Symposium on Security and Privacy, May 1999.

[6]

L. Bauer, S. Garriss, J. M. McCune, M. K. Reiter, J. Rouse, and P. Rutenbar. Device-enabled authorization in the Grey system. In Information Security: 8th International Conference, ISC 2005, volume 3650 of Lecture Notes in Computer Science, pages 431--445, Sept. 2005.

Digital Library

[7]

L. Bauer, S. Garriss, and M. K. Reiter. Detecting and resolving policy misconfigurations in access-control systems. ACM Transactions on Information and System Security, 14(1), May 2011.

Digital Library

[8]

T. Das, R. Bhagwan, and P. Naldurg. Baaz: A system for detecting access control misconfigurations. In 19th USENIX Security Symposium, Aug. 2010.

Digital Library

[9]

K. El-Arini and K. Killourhy. Bayesian detection of router configuration anomalies. In 2005 ACM SIGCOMM Workshop on Mining Network Data, August 2005.

Digital Library

[10]

T. Jaeger, A. Edwards, and X. Zhang. Policy management using access control spaces. ACM Transaction on Information and System Security, 6(3):327--364, 2003.

Digital Library

[11]

M. Kuhlmann, D. Shohat, and G. Schimpf. Role mining-revealing business roles for security administration using data mining technology. In 8th ACM Symposium on Access Control Models and Technologies, June 2003.

Digital Library

[12]

F. Le, S. Lee, T. Wong, H. Kim, and D. Newcomb. Detecting network-wide and router-specific misconfigurations through data mining. IEEE/ACM Transactions on Networking (TON), 17(1):66--79, 2009.

Digital Library

[13]

F. Le, S. Lee, T. Wong, H. S. Kim, and D. Newcomb. Minerals: Using data mining to detect router misconfigurations. In MineNet '06: 2006 SIGCOMM Workshop on Mining Network Data, pages 293--298, 2006.

Digital Library

[14]

A. Mayer, A. Wool, and E. Ziskind. Fang: A firewall analysis engine. In 2000 IEEE Symposium on Security and Privacy, May 2000.

Digital Library

[15]

I. Molloy, H. Chen, T. Li, Q. Wang, N. Li, E. Bertino, S. Calo, and J. Lobo. Mining roles with semantic meanings. In 13th ACM Symposium on Access Control Models and Technologies, pages 21--30, 2008.

Digital Library

[16]

I. Molloy, N. Li, T. Li, Z. Mao, Q. Wang, and J. Lobo. Evaluating role mining algorithms. In 14th ACM Symposium on Access Control Models and Technologies, pages 95--104, 2009.

Digital Library

[17]

T. Scheffer. Finding association rules that trade support optimally against confidence. Intelligent Data Analysis, 9(4):381--395, 2005.

Digital Library

[18]

G. Stevens and V. Wulf. Computer-supported access control. ACM Trans. Comput.-Hum. Interact., 16:12:1--12:26, September 2009.

Digital Library

[19]

J. Vaidya, V. Atluri, and Q. Guo. The role mining problem: Finding a minimal descriptive set of roles. In 12th ACM Symposium on Access Control Models and Technologies, 2007.

Digital Library

[20]

A. Wool. Architecting the Lumeta firewall analyzer. In 10th USENIX Security Symposium, 2001.

Digital Library

[21]

L. Yuan, J. Mai, Z. Su, H. Chen, C.-N. Chuah, and P. Mohapatra. FIREMAN: A toolkit for FIREwall modeling and ANalysis. In 2006 IEEE Symposium on Security & Privacy, 2006.

Digital Library

Cited By

Sun X(2024)Permission Governance Method Based on Separation of Responsibilities2024 IEEE 7th Information Technology, Networking, Electronic and Automation Control Conference (ITNEC)10.1109/ITNEC60942.2024.10732997(1165-1169)Online publication date: 20-Sep-2024
https://doi.org/10.1109/ITNEC60942.2024.10732997
Tsankov PDashti MBasin D(2016)Access Control Synthesis for Physical Spaces2016 IEEE 29th Computer Security Foundations Symposium (CSF)10.1109/CSF.2016.38(443-457)Online publication date: Jun-2016
https://doi.org/10.1109/CSF.2016.38
Ott DVishik CGrawrock DRajan A(2016)The Search for Trust EvidenceCyber Security10.1007/978-3-319-28313-5_3(34-45)Online publication date: 8-Jan-2016
https://doi.org/10.1007/978-3-319-28313-5_3
Show More Cited By

Index Terms

Discovering access-control misconfigurations: new approaches and evaluation methodologies
1. Security and privacy
  1. Security services
    1. Access control
    2. Authentication
  2. Systems security
    1. Operating systems security

Recommendations

Do not blame users for misconfigurations
SOSP '13: Proceedings of the Twenty-Fourth ACM Symposium on Operating Systems Principles

Similar to software bugs, configuration errors are also one of the major causes of today's system failures. Many configuration issues manifest themselves in ways similar to software bugs such as crashes, hangs, silent failures. It leaves users clueless ...
Detecting and resolving policy misconfigurations in access-control systems

Access-control policy misconfigurations that cause requests to be erroneously denied can result in wasted time, user frustration, and, in the context of particular applications (e.g., health care), very severe consequences. In this article we apply ...
Detecting and Resolving Misconfigurations in Role-Based Access Control (Short Paper)
ICISS '09: Proceedings of the 5th International Conference on Information Systems Security

In Role Based Access Control (RBAC) systems, formulating a correct set of roles, assigning appropriate privileges to roles, and assigning roles to users are the fundamental design tasks. Whether these tasks are performed by a human (e.g., system ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

CODASPY '12: Proceedings of the second ACM conference on Data and Application Security and Privacy

February 2012

338 pages

ISBN:9781450310918

DOI:10.1145/2133601

General Chair:
Elisa Bertino
Purdue University, USA
,
Program Chair:
Ravi Sandhu
University of Texas at San Antonio, USA

Copyright © 2012 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGSAC: ACM Special Interest Group on Security, Audit, and Control

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 07 February 2012

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

CODASPY'12

Sponsor:

SIGSAC

CODASPY'12: Second ACM Conference on Data and Application Security and Privacy

February 7 - 9, 2012

Texas, San Antonio, USA

Acceptance Rates

CODASPY '12 Paper Acceptance Rate 21 of 113 submissions, 19%;

Overall Acceptance Rate 149 of 789 submissions, 19%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

5
Total Citations
View Citations
286
Total Downloads

Downloads (Last 12 months)2
Downloads (Last 6 weeks)0

Reflects downloads up to 25 Feb 2025

Other Metrics

View Author Metrics

Citations

Cited By

Sun X(2024)Permission Governance Method Based on Separation of Responsibilities2024 IEEE 7th Information Technology, Networking, Electronic and Automation Control Conference (ITNEC)10.1109/ITNEC60942.2024.10732997(1165-1169)Online publication date: 20-Sep-2024
https://doi.org/10.1109/ITNEC60942.2024.10732997
Tsankov PDashti MBasin D(2016)Access Control Synthesis for Physical Spaces2016 IEEE 29th Computer Security Foundations Symposium (CSF)10.1109/CSF.2016.38(443-457)Online publication date: Jun-2016
https://doi.org/10.1109/CSF.2016.38
Ott DVishik CGrawrock DRajan A(2016)The Search for Trust EvidenceCyber Security10.1007/978-3-319-28313-5_3(34-45)Online publication date: 8-Jan-2016
https://doi.org/10.1007/978-3-319-28313-5_3
Gauthier FLavoie TMerlo EPayne C(2013)Uncovering access control weaknesses and flaws with security-discordant software clonesProceedings of the 29th Annual Computer Security Applications Conference10.1145/2523649.2523650(209-218)Online publication date: 9-Dec-2013
https://dl.acm.org/doi/10.1145/2523649.2523650
Sharifi ABottinelli PTripunitara MConti MVaidya JSchaad A(2013)Property-testing real-world authorization systemsProceedings of the 18th ACM symposium on Access control models and technologies10.1145/2462410.2463207(225-236)Online publication date: 12-Jun-2013
https://dl.acm.org/doi/10.1145/2462410.2463207

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten