Sciweavers

ICSE
2007
IEEE-ACM

When Role Models Have Flaws: Static Validation of Enterprise Security Policies

14 years 11 months ago
When Role Models Have Flaws: Static Validation of Enterprise Security Policies
Modern multiuser software systems have adopted RoleBased Access Control (RBAC) for authorization management. This paper presents a formal model for RBAC policy validation and a static-analysis model for RBAC systems that can be used to (i) identify the roles required by users to execute an enterprise application, (ii) detect potential inconsistencies caused by principal-delegation policies, which are used to override a user's role assignment, (iii) report if the roles assigned to a user by a given policy are redundant or insufficient, and (iv) report vulnerabilities that can result from unchecked intra-component accesses. The algorithms described in this paper have been implemented as part of IBM's Enterprise Security Policy Evaluator (ESPE) tool. Experimental results show that the tool found numerous policy flaws, including ten previously unknown flaws from two production-level applications, with no false-positive reports.
Marco Pistoia, Stephen J. Fink, Robert J. Flynn, E
Added 09 Dec 2009
Updated 09 Dec 2009
Type Conference
Year 2007
Where ICSE
Authors Marco Pistoia, Stephen J. Fink, Robert J. Flynn, Eran Yahav
Comments (0)