Formal analysis of XACML policies using SMT

Türkmen, Fatih; Hartog, Jerry den; Ranise, Silvio; Zannone, Nicola

doi:10.1016/j.cose.2017.01.009

Cited by 36 publications

(10 citation statements)

References 11 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Wang et al [10] realized data storage and sharing without the participation of providers, using Ethereum and an attributebased access control method. Furthermore, many other researchers have studied the access control strategy described by XACML about Policies formalization [11], Automatic Testing [12], Model testing [13], policy tracing [14], automated fault localization [15].…”

Section: Literature Reviewmentioning

confidence: 99%

Detection of Conflicts Between Resource Authorization Rules in Extensible Access Control Markup Language Based on Dynamic Description Logic

Yang¹,

Tan²

2020

ISI

View full text Add to dashboard Cite

For resources in an open environment, the access control rules (ACRs), which are described by extensible access control markup language (XACML), might have conflicts between each other. To improve the rule management, the root causes of rule conflicts must be identified. This paper firstly formally models the resource attributes by dynamic description logic (DDL), and then investigates inference problems like attribute consistency and rule satisfiability by setting up concept, instance and action knowledge bases. Next, DDL-based rule conflict detection algorithms were designed to identify possible rule conflicts. Finally, the feasibility and decidability of the proposed algorithms were verified through experiments on expanded Continue dataset. The research results provide new insights to the detection of conflicts between resource authorization rules (RARs).

show abstract

Section: Literature Reviewmentioning

confidence: 99%

Detection of Conflicts Between Resource Authorization Rules in Extensible Access Control Markup Language Based on Dynamic Description Logic

Yang¹,

Tan²

2020

ISI

View full text Add to dashboard Cite

show abstract

“…Extensible access control markup language (XACML) standards include both access control (authorisation) and data management based on XML in the different systems [25]. Effectively, XACML offers features for data access and authorisation for the users at the fine-grained level, which is the most flexible and effective [26,27,28]. This technology is presented by the organization for the advancement of structured information standards (OASIS).…”

Section: Overview Of Security and Privacy Techniques In Ehr Systemsmentioning

confidence: 99%

PAX: Using Pseudonymization and Anonymization to Protect Patients' Identities and Data in the Healthcare System

Al-Zubaidie

Zhang

2019

IJERPH

View full text Add to dashboard Cite

Electronic health record (EHR) systems are extremely useful for managing patients' data and are widely disseminated in the health sector. The main problem with these systems is how to maintain the privacy of sensitive patient information. Due to not fully protecting the records from unauthorised users, EHR systems fail to provide privacy for protected health information. Weak security measures also allow authorised users to exceed their specific privileges to access medical records. Thus, some of the systems are not a trustworthy source and are undesirable for patients and healthcare providers. Therefore, an authorisation system that provides privacy when accessing patients' data is required to address these security issues. Specifically, security and privacy precautions should be raised for specific categories of users, doctor advisors, physician researchers, emergency doctors, and patients' relatives. Presently, these users can break into the electronic systems and even violate patients' privacy because of the privileges granted to them or the inadequate security and privacy mechanisms of these systems. To address the security and privacy problems associated with specific users, we develop the Pseudonymization and Anonymization with the XACML (PAX) modular system, which depends on client and server applications. It provides a security solution to the privacy issues and the problem of safe-access decisions for patients' data in the EHR. The~results of theoretical and experimental security analysis prove that PAX provides security features in preserving the privacy of healthcare users and is safe against known attacks.

show abstract

“…However these same features can also make authoring XAMCL policies prone to human error. Turkmen et al [13] present a formal analysis of XACML policies by encoding them into Satisfiability Modulo Theories (SMT) formulas, facilitating formal policy analysis while relieving authors of the burden of manually proving soundness gradually. While this work remains more general in terms of access control definitions, our work additionally affords soundness checks for provisioned permissions in addition to the Policy Decision Point (PDP) logic, given that XACML is applicable to profile definitions, yet not for provisioning such profile to identities.…”

Section: Formal Verification For Xacmlmentioning

confidence: 99%

Network Reconnaissance and Vulnerability Excavation of Secure DDS Systems

White

Caiazza

Jiang

et al. 2019

2019 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW)

View full text Add to dashboard Cite

Data Distribution Service (DDS) is a realtime peerto-peer protocol that serves as a scalable middleware between distributed networked systems found in many Industrial IoT domains such as automotive, medical, energy, and defense. Since the initial ratification of the standard, specifications have introduced a Security Model and Service Plugin Interface (SPI) architecture, facilitating authenticated encryption and data centric access control while preserving interoperable data exchange. However, as Secure DDS v1.1, the default plugin specifications presently exchanges digitally signed capability lists of both participants in the clear during the crypto handshake for permission attestation; thus breaching confidentiality of the context of the connection. In this work, we present an attacker model that makes use of network reconnaissance afforded by this leaked context in conjunction with formal verification and model checking to arbitrarily reason about the underlying topology and reachability of information flow, enabling targeted attacks such as selective denial of service, adversarial partitioning of the data bus, or vulnerability excavation of vendor implementations.

show abstract

Formal analysis of XACML policies using SMT

Cited by 36 publications

References 11 publications

Detection of Conflicts Between Resource Authorization Rules in Extensible Access Control Markup Language Based on Dynamic Description Logic

Detection of Conflicts Between Resource Authorization Rules in Extensible Access Control Markup Language Based on Dynamic Description Logic

PAX: Using Pseudonymization and Anonymization to Protect Patients' Identities and Data in the Healthcare System

Network Reconnaissance and Vulnerability Excavation of Secure DDS Systems

Contact Info

Product

Resources

About