Efficient security analysis of administrative access control policies

DSpace/Manakin Repository

Show simple item record

dc.contributor.advisor Bugliesi, Michele it_IT
dc.contributor.author Steffinlongo, Enrico <1987> it_IT
dc.date.accessioned 2017-12-12 it_IT
dc.date.accessioned 2018-06-22T10:10:31Z
dc.date.issued 2018-03-05 it_IT
dc.identifier.uri http://hdl.handle.net/10579/12917
dc.description.abstract In recent years access control has been a crucial aspect of computer systems, since it is the component responsible for giving users specific permissions enforcing a administrator-defined policy. This lead to the formation of a wide literature proposing and implementing access control models reflecting different system perspectives. Moreover, many analysis techniques have been developed with special attention to scalability, since many security properties have been proved hard to verify. In this setting the presented work provides two main contributions. In the first, we study the security of workflow systems built on top of an attribute-based access control in the case of collusion of multiples users. We define a formal model for an ARBAC based workflow system and we state a notion of security against collusion. Furthermore we propose a scalable static analysis technique for proving the security of a workflow. Finally we implement it in a prototype tool showing its effectiveness. In the second contribution, we propose a new model of administrative attribute-based access control (AABAC) where administrative actions are enabled by boolean expressions predicating on user attributes values. Subsequently we introduce two static analysis techniques for the verification of reachability problem: one precise, but bounded, and one over-approximated. We also give a set of pruning rules in order to reduce the size of the problem increasing scalability of the analysis. Finally, we implement the analysis in a tool and we show its effectiveness on several realistic case studies. it_IT
dc.language.iso en it_IT
dc.publisher Università Ca' Foscari Venezia it_IT
dc.rights © Enrico Steffinlongo, 2018 it_IT
dc.title Efficient security analysis of administrative access control policies it_IT
dc.title.alternative it_IT
dc.type Doctoral Thesis it_IT
dc.degree.name Informatica it_IT
dc.degree.level Dottorato di ricerca it_IT
dc.degree.grantor Dipartimento di Scienze Ambientali, Informatica e Statistica it_IT
dc.description.academicyear 30° CICLO + PROLUNGAMENTI E SOSPENSIONI 29° CICLO it_IT
dc.description.cycle 30 it_IT
dc.degree.coordinator Focardi, Riccardo it_IT
dc.location.shelfmark D001825 it_IT
dc.location Venezia, Archivio Università Ca' Foscari, Tesi Dottorato it_IT
dc.rights.accessrights openAccess it_IT
dc.thesis.matricno 826043 it_IT
dc.format.pagenumber XIII, 136 p. it_IT
dc.subject.miur INF/01 INFORMATICA it_IT
dc.description.note it_IT
dc.degree.discipline it_IT
dc.contributor.co-advisor it_IT
dc.provenance.upload Enrico Steffinlongo (826043@stud.unive.it), 2017-12-12 it_IT
dc.provenance.plagiarycheck Michele Bugliesi (bugliesi@unive.it), 2018-01-18 it_IT

Files in this item

This item appears in the following Collection(s)

Show simple item record