
ACPT : A Tool for Modeling and Verifying Access Control Policies

JeeHyun Hwang¹, Tao Xie¹, Vincent Hu² and Mine Altunay³

¹ North Carolina State University, ² National Institute of Standards and Technology, ³ Fermi National Laboratory

(Policy 2010)


Presentation Transcript


  1. ACPT: A Tool for Modeling and Verifying Access Control Policies
     JeeHyun Hwang¹, Tao Xie¹, Vincent Hu² and Mine Altunay³
     ¹ North Carolina State University, ² National Institute of Standards and Technology, ³ Fermi National Laboratory
     (Policy 2010)

  2. Access Control Policy Mechanism
     • Access control mechanisms control which subjects (such as users or processes) have access to which resources.
     • Access control policies often combine multiple policies with a large number of rules.
     • Misconfiguration and mistakes in access control policies lead to security problems.
     [Figure labels: Policy; Request; Response (Permit, Deny, or Not-applicable)]

  3. Motivation
     • Need to support correct policy modelling
       • Various policy model templates (e.g., RBAC and MSL)
       • Combining multiple policies
     • Need to ensure the correct behaviours of policies
       • Static verification: check whether properties are satisfied by a policy
         • Confidence in policy correctness depends on the quality of the specified properties
       • Dynamic verification: evaluate requests and check whether their evaluated decisions are correct
         • Consider test effort and effectiveness together
         • Complement static verification

  4. ACPT Features
     ACPT is a tool for composing access control models (such as Rule Based and Multi-Level policy models)
     • Help specify policies, rules and properties through model templates
     • Support various policy combining algorithms (e.g., first applicable or permit-overrides)
     • Generate an enforceable XACML policy

  5. ACPT Features (cont.)
     To ensure policy correctness, ACPT supports both static and dynamic verification of a policy
     • Verify policies against specified properties to detect violations using NuSMV [Cimatti et al. CAV 2002]
     • Generate test inputs for testing of policy implementation
       • Test inputs based on structural coverage [Martin et al. ICICS 2006]
       • Test inputs based on combinatorial coverage [Hu et al. IJSEKE 2010]

  6. ACPT Architecture
     [Architecture diagram; recoverable labels follow]
     • Components: Administrator, GUI, Data Acquisition, AC Model Templates, Policy Generator, Static Verification, Dynamic Verification
     • GUI allows specification of users, groups, attributes, roles, rules, policies, and resources
     • API/mechanism to consume/acquire external data related to policies (user, attribute, resource, role, etc. data)
     • Generate enforceable policies (XACML, .xml)
     • Verify access control policies
     • Generate and evaluate test inputs: test inputs based on structural or combinatorial coverage; test inputs with their evaluated decisions

  7. Questions?

  8. ACPT Demo: Property specification in ACPT

  9. Static Verification: Verify the property against Policy A; the result returns false with a counterexample.

  10. Static Verification (cont.): Verify the property against Policy B; the result returns true.

  11. Test Input Generation and Evaluation

  12. XACML Generation
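
The combining algorithms named on slide 4 and the property check with a counterexample shown on slides 9 and 10, as an added Python example that is not ACPT code and not part of the presentation. It checks the property by enumerating every request instead of using NuSMV; the attribute domains, the two policies (stand-ins named after the demo's Policy A and Policy B) and the property are constructed for illustration.

```python
from itertools import product

# Constructed attribute domains, policies and property (assumptions, not from the slides).
DOMAINS = {"role": ["faculty", "student"],
           "resource": ["grades", "roster"],
           "action": ["read", "write"]}
R_FACULTY = ({"role": "faculty", "resource": "grades"}, "Permit")
R_STUDENT_READ = ({"role": "student", "action": "read"}, "Permit")
R_STUDENT_GRADES = ({"role": "student", "resource": "grades"}, "Deny")
POLICY_A = [R_FACULTY, R_STUDENT_READ, R_STUDENT_GRADES]  # broad Permit listed first
POLICY_B = [R_FACULTY, R_STUDENT_GRADES, R_STUDENT_READ]  # specific Deny listed first

def evaluate(policy, request, combining="first-applicable"):
    """Return Permit, Deny or Not-applicable for one request."""
    # A rule applies when every attribute named in its condition matches the request.
    decisions = [effect for cond, effect in policy
                 if all(request[k] == v for k, v in cond.items())]
    if not decisions:
        return "Not-applicable"
    if combining == "first-applicable":
        return decisions[0]
    if combining == "permit-overrides":
        return "Permit" if "Permit" in decisions else "Deny"
    raise ValueError(f"unknown combining algorithm: {combining}")

def all_requests():
    """Enumerate every attribute combination in DOMAINS."""
    keys = list(DOMAINS)
    return [dict(zip(keys, vals)) for vals in product(*DOMAINS.values())]

def students_never_permitted_on_grades(request, decision):
    """Property: no student request on the grades resource is permitted."""
    if request["role"] == "student" and request["resource"] == "grades":
        return decision != "Permit"
    return True

def verify(policy, prop, combining="first-applicable"):
    """Return (True, None) if prop holds for all requests, else (False, counterexample)."""
    for request in all_requests():
        if not prop(request, evaluate(policy, request, combining)):
            return False, request
    return True, None

if __name__ == "__main__":
    for name, policy in (("Policy A", POLICY_A), ("Policy B", POLICY_B)):
        for alg in ("first-applicable", "permit-overrides"):
            print(name, alg, verify(policy, students_never_permitted_on_grades, alg))
```

Under first-applicable, the constructed Policy A fails with the counterexample request (student, grades, read) while Policy B passes; under permit-overrides the rule order no longer matters and the property fails for both, which is why the combining algorithm has to be part of what is verified.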
