DOI: 10.1145/2462410.2462413
Research article, SACMAT conference proceedings

Heuristic safety analysis of access control models

Published: 12 June 2013

Abstract

Model-based security engineering uses formal security models for specifying and analyzing access control systems. Tool-based model analysis encounters a fundamental difficulty here: on the one hand, real-world access control systems are generally large and complex and require models with high expressive power. On the other hand, analysis of such models is often hampered by computational complexity or even undecidability, making it difficult to devise algorithms for automated analysis tools. One approach to this problem is to limit the expressive power of the modeling calculus, which in turn restricts the spectrum of application scenarios that can be modeled. In this paper we propose a different approach: a heuristic-based method for analyzing the safety properties of access control models with full expressive power. Aiming at generality, the paper focuses on the lineage of HRU-style, automaton-based access control models, which are fundamental for modeling the dynamic behavior of contemporary role-based or attribute-based access control systems.
The paper motivates a heuristics-based approach to model analysis, describes in detail a heuristic model safety analysis algorithm, and discusses its computational complexity. The algorithm is the core of a security model analysis tool within the context of a security policy engineering workbench; a formal description of major components of its heuristic-based symbolic model execution engine is given, and its capacity to analyze complex real-world access control systems is evaluated.
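The abstract names the safety problem for HRU-style models but, as an abstract, does not show what a safety question looks like or why a heuristic answer comes with a caveat. The following Python program is an added example written for this page, not the paper's algorithm or tool: it encodes a small HRU-style protection system (entities, an access matrix, and commands made of "right in cell" conditions plus enter/delete/create primitives) and runs a bounded, goal-directed safety search that asks whether a given right can ever appear in a given cell. The entity names, commands, the finite pool of fresh names used to bound object creation, and the heuristic itself (iterative deepening with commands that enter the target right tried first) are all this example's own assumptions.

```python
"""Toy HRU-style protection system plus a bounded, goal-directed safety search.
Added example for illustration; not the algorithm of the paper on this page."""
from itertools import product
from typing import Dict, FrozenSet, List, Optional, Tuple

Cell = Tuple[str, str]  # (subject, object) coordinate in the access matrix


class State:
    """One configuration: the set of entities and the access matrix.
    HRU treats subjects as a subset of objects, so any entity may appear on either axis."""

    def __init__(self, entities, matrix: Dict[Cell, FrozenSet[str]]):
        self.entities = frozenset(entities)
        self.matrix = {c: frozenset(r) for c, r in matrix.items() if r}

    def rights(self, s: str, o: str) -> FrozenSet[str]:
        return self.matrix.get((s, o), frozenset())

    def key(self):  # canonical hashable form, used to prune revisited configurations
        return (self.entities, frozenset(self.matrix.items()))


class Command:
    """HRU command: parameters, a conjunction of conditions (right, subj, obj), and
    primitive ops ("enter", right, s, o), ("delete", right, s, o) or ("create", x)."""

    def __init__(self, name, params, conds, ops):
        self.name, self.params, self.conds, self.ops = name, tuple(params), tuple(conds), tuple(ops)
        self.created = {op[1] for op in self.ops if op[0] == "create"}

    def enters(self, right: str) -> bool:  # consulted by the search heuristic below
        return any(op[0] == "enter" and op[1] == right for op in self.ops)

    def apply(self, st: State, b: Dict[str, str]) -> Optional[State]:
        if not all(r in st.rights(b[s], b[o]) for r, s, o in self.conds):
            return None  # some condition fails: the command is not enabled here
        ents, mat = set(st.entities), {c: set(r) for c, r in st.matrix.items()}
        for op in self.ops:
            if op[0] == "create":
                ents.add(b[op[1]])
            elif op[0] == "enter":
                mat.setdefault((b[op[2]], b[op[3]]), set()).add(op[1])
            elif op[0] == "delete":
                mat.get((b[op[2]], b[op[3]]), set()).discard(op[1])
        return State(ents, {c: frozenset(r) for c, r in mat.items()})


def bindings(cmd: Command, st: State, fresh: List[str]):
    """Enumerate parameter bindings: existing entities for ordinary parameters, one unused
    name from a finite pool for parameters the command creates. The finite pool is what
    bounds the search; unbounded creation is what makes general HRU safety undecidable."""
    unused = [n for n in fresh if n not in st.entities]
    choices = []
    for p in cmd.params:
        if p in cmd.created:
            if not unused:
                return  # pool exhausted: nothing more can be created
            choices.append(unused[:1])
        else:
            choices.append(sorted(st.entities))
    for combo in product(*choices):
        yield dict(zip(cmd.params, combo))


def find_leak(initial: State, commands: List[Command], target: Cell, right: str,
              max_depth: int, fresh=("f1", "f2", "f3")) -> Optional[List[str]]:
    """Iterative-deepening DFS for a command sequence after which `right` sits in `target`.
    Heuristic (this example's own choice): try commands that enter `right` before the rest.
    Returns a trace, or None if no leak was found within max_depth steps. None is a bounded
    negative result, not a proof that the system is safe."""
    assert right not in initial.rights(*target), "target cell already holds the right"
    ordered = sorted(commands, key=lambda c: not c.enters(right))

    def dfs(st: State, depth: int, trace: List[str], best: dict) -> Optional[List[str]]:
        if right in st.rights(*target):
            return trace
        if depth == 0:
            return None
        for cmd in ordered:
            for b in bindings(cmd, st, list(fresh)):
                nxt = cmd.apply(st, b)
                if nxt is None or best.get(nxt.key(), -1) >= depth - 1:
                    continue  # not enabled, or already explored with at least this much depth left
                best[nxt.key()] = depth - 1
                args = ", ".join(f"{p}={v}" for p, v in b.items())
                found = dfs(nxt, depth - 1, trace + [f"{cmd.name}({args})"], best)
                if found is not None:
                    return found
        return None

    for d in range(1, max_depth + 1):
        found = dfs(initial, d, [], {initial.key(): d})
        if found is not None:
            return found
    return None


def example_system(with_vouch: bool):
    """Constructed sample policy: alice owns `secret` and trusts bob, who trusts mallory.
    Owners may confer read on files to entities they trust; anyone may create files.
    With `with_vouch`, trust becomes transitive, which is the rule that opens the leak."""
    initial = State(["alice", "bob", "mallory", "secret"],
                    {("alice", "secret"): frozenset({"own", "read", "write"}),
                     ("alice", "bob"): frozenset({"trusted"}),
                     ("bob", "mallory"): frozenset({"trusted"})})
    cmds = [Command("confer_read", ["owner", "friend", "file"],
                    [("own", "owner", "file"), ("trusted", "owner", "friend")],
                    [("enter", "read", "friend", "file")]),
            Command("create_file", ["s", "f"], [], [("create", "f"), ("enter", "own", "s", "f")])]
    if with_vouch:
        cmds.append(Command("vouch", ["a", "b", "c"],
                            [("trusted", "a", "b"), ("trusted", "b", "c")],
                            [("enter", "trusted", "a", "c")]))
    return initial, cmds


if __name__ == "__main__":
    init, cmds = example_system(with_vouch=True)
    print(find_leak(init, cmds, ("mallory", "secret"), "read", max_depth=4))
```

Run as a script, the program reports the two-step sequence by which transitive trust lets read on `secret` reach `mallory`; with `with_vouch=False` it reports None up to depth 4. The second result is the caveat the abstract is about: a bounded heuristic search that finds nothing has not proven the model safe, it has only failed to find a leak within the bound, and choosing bounds, orderings and pruning that make such searches useful on large models is exactly the design space the paper addresses.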


Cited By

  • (2023) Putting the Pieces Together: Model-Based Engineering Workflows for Attribute-Based Access Control Policies. E-Business and Telecommunications, 10.1007/978-3-031-36840-0_12, pages 249-280. Online publication date: 22 July 2023.
  • (2018) Automated and efficient analysis of administrative temporal RBAC policies with role hierarchies. Journal of Computer Security 26(4):423-458, 10.3233/JCS-15756. Online publication date: 1 January 2018.

Published In
SACMAT '13: Proceedings of the 18th ACM Symposium on Access Control Models and Technologies
June 2013, 278 pages
ISBN: 9781450319508
DOI: 10.1145/2462410

Publisher

Association for Computing Machinery

New York, NY, United States

Author Tags

  1. access control models
  2. access control systems
  3. model safety
  4. security engineering
  5. symbolic model execution

Acceptance Rates

SACMAT '13 paper acceptance rate: 19 of 62 submissions (31%)
Overall acceptance rate: 177 of 597 submissions (30%)
