11 research outputs found
Minimizing disclosure of private information in credential-based interactions : a graph-based approach
We address the problem of enabling clients to regulate disclosure of their credentials and properties when interacting with servers in open scenarios. We provide a means for clients to specify the sensitivity of information in their portfolio at a fine-grain level and to determine the credentials and properties to disclose to satisfy a server request while minimizing the sensitivity of the information disclosed. Exploiting a graph modeling of the problem, we develop a heuristic approach for determining a disclosure minimizing released information, that offers execution times compatible with the requirements of interactive access to Web resources
Supporting user privacy preferences on information release in open scenarios
Access control solutions for open systems are typically based on the assumption that a client may adopt approached speci\ufb01cally designed for the server to protect the disclosure of her sensitive information. These solutions however do not consider the speci\ufb01c privacy requirements characterizing the client. In this paper, we put forward the idea of adopting a di\ufb00erent model at the client-side, aimed at minimizing the amount of sensitive information released to a server. The model should be based on a formal modeling of the client portfolio and should easily support the de\ufb01nition of privacy preferences and disclosure limitations for empowering the user in the release of her personal information
Formal definitions for usable access control rule sets from goals to metrics
Access control policies describe high level requirements for access control systems. Access control rule sets ideally translate these policies into a coherent and manageable collection of Allow/Deny rules. Designing rule sets that reect desired policies is a difficult and time-consuming task. The result is that rule sets are difficult to understand and manage. The goal of this paper is to provide means for obtaining usable access control rule sets, which we define as rule sets that (i) reect the access control policy and (ii) are easy to understand and manage. In this paper, we formally define the challenges that users face when generating usable access control rule sets and provide formal tools to handle them more easily. We started our research with a pilot study in which specialists were interviewed. The objective was to list usability challenges regarding the management of access control rule sets and verify how those challenges were handled by specialists. The results of the pilot study were compared and combined with results from related work and refined into six novel, formally defined metrics that are used to measure the security and usability aspects of access control rule sets. We validated our findings with two user studies, which demonstrate that our metrics help users generate statistically significant better rule sets
On Formal Specification and Analysis of Security Policies
International audienceSecurity policies are ubiquitous in information systems and more generally in the management of sensitive information. Access control policies are probably the most largely used policies but their application goes well beyond this application domain. The enforcement of security policies is useless if some of their key properties like the consistency, for example, cannot be stated and checked. We propose here a framework where the security policies and the systems they are applied on, are specified separately but using a common formalism. This separation allows us not only some analysis of the policy independently of the target system but also the application of a given policy on different systems. Besides the abstract formalism we also explore how rewrite and reduction systems can be used and combined in a rather systematic way to provide executable specifications for this framework. We also propose a notion of system and policy transformation that gives the possibility to study some properties which cannot be expressed only within the initial presentation. We have shown, in particular, how confidentiality, integrity and confinment can be expressed for the BLP policy that does not deal explicitly with information flows but only with objects containing tractable information
Security Analysis and Improvement Model for Web-based Applications
Today the web has become a major conduit for information. As the World Wide
Web?s popularity continues to increase, information security on the web has become an
increasing concern. Web information security is related to availability, confidentiality,
and data integrity. According to the reports from http://www.securityfocus.com in May
2006, operating systems account for 9% vulnerability, web-based software systems
account for 61% vulnerability, and other applications account for 30% vulnerability.
In this dissertation, I present a security analysis model using the Markov Process
Model. Risk analysis is conducted using fuzzy logic method and information entropy
theory. In a web-based application system, security risk is most related to the current
states in software systems and hardware systems, and independent of web application
system states in the past. Therefore, the web-based applications can be approximately
modeled by the Markov Process Model. The web-based applications can be conceptually
expressed in the discrete states of (web_client_good; web_server_good,
web_server_vulnerable, web_server_attacked, web_server_security_failed; database_server_good, database_server_vulnerable, database_server_attacked,
database_server_security_failed) as state space in the Markov Chain. The vulnerable
behavior and system response in the web-based applications are analyzed in this
dissertation. The analyses focus on functional availability-related aspects: the probability
of reaching a particular security failed state and the mean time to the security failure of a
system. Vulnerability risk index is classified in three levels as an indicator of the level of
security (low level, high level, and failed level). An illustrative application example is
provided. As the second objective of this dissertation, I propose a security improvement
model for the web-based applications using the GeoIP services in the formal methods. In
the security improvement model, web access is authenticated in role-based access control
using user logins, remote IP addresses, and physical locations as subject credentials to
combine with the requested objects and privilege modes. Access control algorithms are
developed for subjects, objects, and access privileges. A secure implementation
architecture is presented. In summary, the dissertation has developed security analysis
and improvement model for the web-based application. Future work will address Markov
Process Model validation when security data collection becomes easy. Security
improvement model will be evaluated in performance aspect
Security Analysis and Improvement Model for Web-based Applications
Today the web has become a major conduit for information. As the World Wide
Web?s popularity continues to increase, information security on the web has become an
increasing concern. Web information security is related to availability, confidentiality,
and data integrity. According to the reports from http://www.securityfocus.com in May
2006, operating systems account for 9% vulnerability, web-based software systems
account for 61% vulnerability, and other applications account for 30% vulnerability.
In this dissertation, I present a security analysis model using the Markov Process
Model. Risk analysis is conducted using fuzzy logic method and information entropy
theory. In a web-based application system, security risk is most related to the current
states in software systems and hardware systems, and independent of web application
system states in the past. Therefore, the web-based applications can be approximately
modeled by the Markov Process Model. The web-based applications can be conceptually
expressed in the discrete states of (web_client_good; web_server_good,
web_server_vulnerable, web_server_attacked, web_server_security_failed; database_server_good, database_server_vulnerable, database_server_attacked,
database_server_security_failed) as state space in the Markov Chain. The vulnerable
behavior and system response in the web-based applications are analyzed in this
dissertation. The analyses focus on functional availability-related aspects: the probability
of reaching a particular security failed state and the mean time to the security failure of a
system. Vulnerability risk index is classified in three levels as an indicator of the level of
security (low level, high level, and failed level). An illustrative application example is
provided. As the second objective of this dissertation, I propose a security improvement
model for the web-based applications using the GeoIP services in the formal methods. In
the security improvement model, web access is authenticated in role-based access control
using user logins, remote IP addresses, and physical locations as subject credentials to
combine with the requested objects and privilege modes. Access control algorithms are
developed for subjects, objects, and access privileges. A secure implementation
architecture is presented. In summary, the dissertation has developed security analysis
and improvement model for the web-based application. Future work will address Markov
Process Model validation when security data collection becomes easy. Security
improvement model will be evaluated in performance aspect
Ansätze kompositionaler und zustandsbasierter Zugriffskontrolle für Web-basierte Umgebungen
Moderne verteilte Rechensysteme müssen flexibel an wechselnde Rahmenbedingungen und Aufgabenstellungen angepasst werden können. Notwendig hierfür ist, dass diese Rechensysteme in dynamisch veränderlicher Struktur aus verschiedenen informationellen Diensten zusammengesetzt sind. Kompositionalität ist in diesem Kontext eine wünschenswerte Eigenschaft, sowohl der Rechensysteme als auch der den Diensten zugeordneten Zugriffskontrollpolitiken und ihren Implementierungen. Zugriffskontrollpolitiken drücken hier aus, welche Dienste welchen Teilnehmern unter welchen Bedingungen verfügbar sein sollen. Bei anspruchsvollen Anwendungen wie beispielsweise strukturierten Diensten müssen die Zugriffskontrollpolitiken nicht nur für einzelne, atomare Funktionalitäten der Dienste festgelegt werden, sondern auch für komplexe Folgen der Funktionalitäten. Diese Arbeit schlägt eine kompositionale und zustandsbasierte Lösung für die beschriebenen Herausforderungen vor. Es wird eine kompositionale Algebra für Zugriffskontrollpolitiken für strukturierte Dienste entwickelt. Für diese sogenannten zustandsdynamischen Zugriffskontrollpolitiken werden konzeptionelle Durchsetzungsmechanismen erarbeitet. Es werden des Weiteren zentrale und dezentrale Architekturen für Zertifikat-basierte Zugriffskontrollsysteme entworfen, in die die vorgeschlagene Lösung eingebettet werden kann