Access control policies are dynamic in nature, and therefore require frequent updates to synchronize with the latest organizational security requirements. As these updates are handled, it is important that all user access requests be answered contemporaneously and correctly without any interruption or delay. In this paper, considering the context of Attribute Based Access Control (ABAC), we propose an approach that is capable of immediately materializing any update to the policy and ensuring that it is taken into account for any subsequent access requests. One possibility is to update the policy based on the incoming changes through ABAC policy mining techniques. However, it turns out that no existing mining approach can offer correct enforcement of policies when access requests are entertained during the updates. We provide a formal proof for this surprising result and then propose an approach called δwOP that does not suffer from this problem. Essentially, δwOP keeps track of the needed information from updates and uses this in conjunction with the existing ABAC policy rules to make access decisions. We present the complexity analysis as well as a comprehensive experimental evaluation to demonstrate the efficacy of the proposed approach for different types of changes.
{"title":"Contemporaneous Update and Enforcement of ABAC Policies.","authors":"Samir Talegaon, Gunjan Batra, Vijayalakshmi Atluri, Shamik Sural, Jaideep Vaidya","doi":"10.1145/3532105.3535021","DOIUrl":"https://doi.org/10.1145/3532105.3535021","journal":{"name":"Proceedings of the ... ACM symposium on access control models and technologies. ACM Symposium on Access Control Models and Technologies","volume":"2022","pages":"31-42"},"publicationDate":"2022-06-01","publicationTypes":"Journal Article","openAccessPdf":"https://www.ncbi.nlm.nih.gov/pmc/articles/PMC9732837/pdf/nihms-1854495.pdf"}
{"title":"Securing Content in Decentralized Online Social Networks: Solutions, Limitations, and the Road Ahead","authors":"R. D. Pietro","doi":"10.1145/3532105.3535041","DOIUrl":"https://doi.org/10.1145/3532105.3535041","journal":{"name":"Proceedings of the ... ACM symposium on access control models and technologies. ACM Symposium on Access Control Models and Technologies","volume":"1 1","pages":"1-2"},"publicationDate":"2022-01-01","publicationTypes":"Journal Article"}
The increasing dependency on cloud computing has drawn attention to the security weaknesses of cloud providers. Not only how information is accessed, but also where and when have become important considerations in cloud security. Certain situations exist where it is necessary to restrict access to cloud resources based on time and location. An example is a policy for a medical institution where doctors can only access patient records at hospitals during their shifts. The Generalized Spatio-Temporal Role-Based Access Control model (GSTRBAC) determines users’ access to resources based on such information. This poster proposes a cloud-based software architecture and outlines a possible implementation of the GSTRBAC model.
{"title":"Poster: Towards Cloud-Based Software for Incorporating Time and Location into Access Control Decisions","authors":"Mustafa Al-Lail","doi":"10.1145/3450569.3464395","DOIUrl":"https://doi.org/10.1145/3450569.3464395","journal":{"name":"Proceedings of the ... ACM symposium on access control models and technologies. ACM Symposium on Access Control Models and Technologies","volume":"23 1","pages":"55-57"},"publicationDate":"2021-01-01","publicationTypes":"Journal Article"}
{"title":"SACMAT '21: The 26th ACM Symposium on Access Control Models and Technologies, Virtual Event, Spain, June 16-18, 2021","authors":"","doi":"10.1145/3450569","DOIUrl":"https://doi.org/10.1145/3450569","journal":{"name":"Proceedings of the ... ACM symposium on access control models and technologies. ACM Symposium on Access Control Models and Technologies","volume":"56 1","pages":""},"publicationDate":"2021-01-01","publicationTypes":"Journal Article"}
In Attribute-based Access Control (ABAC) systems, utilizing environment attributes along with the subject and object attributes introduces a dynamic nature to the access decisions. The inclusion of environment attributes helps in achieving more fine-grained access control. In this paper, we present an ABAC policy mining algorithm that considers the environment attributes and their associated values while forming the rules. Furthermore, we use Gini impurity to form the rules. This helps to minimize the number of rules in the generated policy. The experimental evaluation shows that our approach is quite effective in practice.
{"title":"Poster: Using Gini Impurity to Mine Attribute-based Access Control Policies with Environment Attributes.","authors":"Saptarshi Das, Shamik Sural, Jaideep Vaidya, Vijayalakshmi Atluri","doi":"10.1145/3205977.3208949","DOIUrl":"https://doi.org/10.1145/3205977.3208949","journal":{"name":"Proceedings of the ... ACM symposium on access control models and technologies. ACM Symposium on Access Control Models and Technologies","volume":"2018","pages":"213-215"},"publicationDate":"2018-06-01","publicationTypes":"Journal Article","openAccessPdf":"https://sci-hub-pdf.com/10.1145/3205977.3208949"}
Information flow provides principled defenses against malware. It can provide system-wide integrity protection without requiring any program-specific understanding. Information flow policies have been around for 40+ years but they have not been explored in today's context. Specifically, they are not designed for contemporary software and OSes. Applying these policies directly on today's OSes affects usability. In this paper, we focus our attention on an information-flow based integrity protection system that we implemented for Linux, with the goal of minimizing usability impact. We discuss the design decisions made in this system and provide insights on building usable information flow systems.
{"title":"Comprehensive integrity protection for desktop linux","authors":"Wai-Kit Sze, R. Sekar","doi":"10.1145/2613087.2613112","DOIUrl":"https://doi.org/10.1145/2613087.2613112","journal":{"name":"Proceedings of the ... ACM symposium on access control models and technologies. ACM Symposium on Access Control Models and Technologies","volume":"18 1","pages":"89-92"},"publicationDate":"2014-06-25","publicationTypes":"Journal Article"}
There has been a resurgence of interest in information flow based techniques in security. A key attraction of these techniques is that they can provide strong, principled protection against malware, regardless of its sophistication. In spite of this advantage, most advances in information flow control have not been adopted in mainstream operating systems since a strict application of information flow can limit system functionality and usability. Permitting dynamic changes to subject labels, as proposed in the low-watermark model, provides better usability. However, it suffers from the self-revocation problem, whereby read/write operations on already open files are denied because the label of the subject performing these operations has been downgraded. While most applications deal gracefully with security failures on file open operations, they are unprepared to handle security violations on subsequent reads/writes. As a result, subject downgrades may lead to crashes or malfunction. Even those applications that deal with read/write errors may still leave output files in a corrupted or inconsistent state since write permissions were taken away in the midst of producing an output file. To overcome these drawbacks, we propose a new approach for dynamic downgrading that eliminates the self-revocation problem. We show that our approach represents an optimal combination of functionality and compatibility. Our experimental evaluation shows that our approach is efficient, incurring an overhead of a few percentage points, is compatible with existing applications, and provides strong integrity protection.
{"title":"Towards more usable information flow policies for contemporary operating systems","authors":"Wai-Kit Sze, B. Mital, R. Sekar","doi":"10.1145/2613087.2613110","DOIUrl":"https://doi.org/10.1145/2613087.2613110","journal":{"name":"Proceedings of the ... ACM symposium on access control models and technologies. ACM Symposium on Access Control Models and Technologies","volume":"22 1","pages":"75-84"},"publicationDate":"2014-06-25","publicationTypes":"Journal Article"}
We are seeing a significant shift in the types and characteristics of computing devices that are commonly used. Today, more smartphones are sold than personal computers. Cloud systems are also an area of rapid growth, and our everyday lives are invaded by sensors like smart meters and electronic tickets. The days when most computing resources were managed directly by a computer's operating system are over: data and computation are distributed, and devices are typically always connected via the Internet. In light of this shift, it is important to revisit the basic security properties we desire of computing systems and the mechanisms that we use to provide them. A building block of most of the security we enjoy in today's systems is access control. This panel will examine the challenges we face in adapting the access control models, techniques, and tools produced thus far to today's and tomorrow's computing environments. Key characteristics of these new systems that may require our approach to access control to change are that in many (e.g., cloud) systems users do not directly control their data; that a vast population of users operating mobile and other new devices has very little education in their use; and that cyber-physical systems permeate our environment to the point where they are often invisible to their users. Access control comprises enforcement systems, specification languages, and policy-management tools or approaches. In each of these areas the shifting computing landscape leaves us examining how current technology can be applied to new contexts or looking for new technology to fill the gap. Enforcement of access-control policy based on a trusted operating system, for example, does not cleanly translate to massively distributed, heterogeneous computing environments; to environments with many devices that are minimally administered or administered with minimal expertise; and to potentially untrusted clouds that hold sensitive data and computations that belong to entities other than the cloud owner. What technologies or system components should be the building blocks of enforcement in these settings?
{"title":"What are the most important challenges for access control in new computing domains, such as mobile, cloud and cyber-physical systems?","authors":"Lujo Bauer, F. Kerschbaum","doi":"10.1145/2613087.2613090","DOIUrl":"https://doi.org/10.1145/2613087.2613090","journal":{"name":"Proceedings of the ... ACM symposium on access control models and technologies. ACM Symposium on Access Control Models and Technologies","volume":"1 1","pages":"127-128"},"publicationDate":"2014-06-25","publicationTypes":"Journal Article"}
A. Schaad, Anis Bkakria, F. Kerschbaum, F. Cuppens, N. Cuppens-Boulahia, D. Gross-Amblard
Recent advances in encrypted outsourced databases support the direct processing of queries on encrypted data. Depending on functionality (i.e. operators) required in the queries the database has to use different encryption schemes with different security properties. Next to these functional requirements a security administrator may have to address security policies that may equally determine the used encryption schemes. We present an algorithm and tool set that determines an optimal balance between security and functionality as well as helps to identify and resolve possible conflicts. We test our solution on a database benchmark and business-driven security policies.
{"title":"Optimized and controlled provisioning of encrypted outsourced data","authors":"A. Schaad, Anis Bkakria, F. Kerschbaum, F. Cuppens, N. Cuppens-Boulahia, D. Gross-Amblard","doi":"10.1145/2613087.2613100","DOIUrl":"https://doi.org/10.1145/2613087.2613100","journal":{"name":"Proceedings of the ... ACM symposium on access control models and technologies. ACM Symposium on Access Control Models and Technologies","volume":"157 1","pages":"141-152"},"publicationDate":"2014-06-25","publicationTypes":"Journal Article"}
Jyothsna Rachapalli, V. Khadilkar, Murat Kantarcioglu, B. Thuraisingham
We propose an access control language for securing RDF graphs which essentially leverages an underlying query language based redaction mechanism to provide fine grained RDF access control. The access control language presented is equipped with critical features such as policy resolution and cascading policies that are essential for fine grained RDF access control. We present the architecture of our system which primarily features a flexible, scalable and general purpose RDF access control mechanism.
{"title":"Redaction based RDF access control language","authors":"Jyothsna Rachapalli, V. Khadilkar, Murat Kantarcioglu, B. Thuraisingham","doi":"10.1145/2613087.2613108","DOIUrl":"https://doi.org/10.1145/2613087.2613108","journal":{"name":"Proceedings of the ... ACM symposium on access control models and technologies. ACM Symposium on Access Control Models and Technologies","volume":"59 1","pages":"177-180"},"publicationDate":"2014-06-25","publicationTypes":"Journal Article"}