Your search keyword '"access-control"' showing total 4 results

1. Model-based Analysis of Java EE Web Security Configurations

Author

Salvador Martínez, Valerio Cosentino, Jordi Cabot, IMT Atlantique (IMT Atlantique), Institut Mines-Télécom [Paris] (IMT), Laboratoire d'Informatique de Nantes Atlantique (LINA), Mines Nantes (Mines Nantes)-Université de Nantes (UN)-Centre National de la Recherche Scientifique (CNRS), Modeling Technologies for Software Production, Operation, and Evolution (ATLANMOD), Mines Nantes (Mines Nantes)-Université de Nantes (UN)-Centre National de la Recherche Scientifique (CNRS)-Mines Nantes (Mines Nantes)-Université de Nantes (UN)-Centre National de la Recherche Scientifique (CNRS)-Département informatique - EMN, Mines Nantes (Mines Nantes)-Inria Rennes – Bretagne Atlantique, Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National de Recherche en Informatique et en Automatique (Inria), IMT Atlantique Bretagne-Pays de la Loire (IMT Atlantique), Centre National de la Recherche Scientifique (CNRS)-Mines Nantes (Mines Nantes)-Université de Nantes (UN), and Centre National de la Recherche Scientifique (CNRS)-Mines Nantes (Mines Nantes)-Université de Nantes (UN)-Centre National de la Recherche Scientifique (CNRS)-Mines Nantes (Mines Nantes)-Université de Nantes (UN)-Département informatique - EMN

Subjects

Cloud computing security, Computer science, business.industry, 020207 software engineering, 02 engineering and technology, Reverse-engineering, [INFO.INFO-SE]Computer Science [cs]/Software Engineering [cs.SE], Computer security model, Computer security, computer.software_genre, Web application security, Security testing, Security information and event management, Security service, 020204 information systems, 0202 electrical engineering, electronic engineering, information engineering, Security through obscurity, Security, Network security policy, business, computer, Access-control

Abstract

International audience; The widespread use of Java EE web applications as a means to provide distributed services to remote clients imposes strong security requirements, so that the resources managed by these applications remain protected from unauthorized disclosures and manipulations. For this purpose, the Java EE framework provides developers with mechanisms to define access-control policies. Unfortunately , the variety and complexity of the provided security configuration mechanisms cause the definition and manipulation of a security policy to be complex and error prone. As security requirements are not static, and thus, implemented policies must be changed and reviewed often, discovering and representing the policy at an appropriate abstraction level to enable their understanding and reenginering appears as a critical requirement. To tackle this problem, this paper presents a (model-based) approach aimed to help security experts to visualize, (automatically) analyse and manipulate web security policies.

Published

2016

2. Formal Firewall Conformance Testing: An Application of Test and Proof Techniques

Author

Brucker, Achim D., Lukas, Brügger, Wolff, Burkhart, SAP Research [Karlsruhe], SAP Research-Karlsruher Institut für Technologie (KIT), Eidgenössische Technische Hochschule - Swiss Federal Institute of Technology [Zürich] (ETH Zürich), Laboratoire de Recherche en Informatique (LRI), Université Paris-Sud - Paris 11 (UP11)-CentraleSupélec-Centre National de la Recherche Scientifique (CNRS), Université Paris-Sud - Paris 11 (UP11), and Centre National de la Recherche Scientifique (CNRS)

Subjects

Network Security, Formal Testing, Firewalls, [SCCO.COMP]Cognitive science/Computer science, Formal Methods, Access-control

Abstract

International audience; Firewalls are an important means to secure critical ICT infrastructures. As configurable off-the-shelf products, the effectiveness of a firewall crucially depends on both the correctness of the implementation itself as well as the correct configuration. While testing the implementation can be done once by the manufacturer, the configuration needs to be tested for each application individually. This is particularly challenging as the configuration, implementing a firewall policy, is inherently complex, hard to understand, administrated by different stakeholders and, thus, difficult to validate.This paper presents a formal model of both stateless and stateful firewalls (packet filters), including network address translation (NAT), to which a specification-based conformance test case generation approach is applied. Furthermore, a verified optimisation technique for this approach is presented: Starting from a formal model for stateless firewalls, a collection of semantics-preserving policy transformation rules and an algorithm that optimises the specification with respect of the number of test cases required for path coverage of the model are derived. We extend an existing approach that integrates verification and testing, i. e., tests and proofs to support conformance testing of network policies.The presented approach is supported by a test framework that allows to test actual firewalls using the test cases generated based on the formal model. Finally, a report on several larger case studies is presented.

Published

2015

3. Automatic reconstruction and analysis of security policies from deployed security components

Author

Martínez, Salvador, Laboratoire d'Informatique de Nantes Atlantique (LINA), Centre National de la Recherche Scientifique (CNRS)-Mines Nantes (Mines Nantes)-Université de Nantes (UN), Modeling Technologies for Software Production, Operation, and Evolution (ATLANMOD), Centre National de la Recherche Scientifique (CNRS)-Mines Nantes (Mines Nantes)-Université de Nantes (UN)-Centre National de la Recherche Scientifique (CNRS)-Mines Nantes (Mines Nantes)-Université de Nantes (UN)-Département informatique - EMN, Mines Nantes (Mines Nantes)-Inria Rennes – Bretagne Atlantique, Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National de Recherche en Informatique et en Automatique (Inria), Ecole des Mines de Nantes, Frédéric Cuppens, Mines Nantes (Mines Nantes)-Université de Nantes (UN)-Centre National de la Recherche Scientifique (CNRS), and Mines Nantes (Mines Nantes)-Université de Nantes (UN)-Centre National de la Recherche Scientifique (CNRS)-Mines Nantes (Mines Nantes)-Université de Nantes (UN)-Centre National de la Recherche Scientifique (CNRS)-Département informatique - EMN

Subjects

Access-Control, Sûreté, Security, Contrôle d’accès, [INFO.INFO-SY]Computer Science [cs]/Systems and Control [cs.SY], Reverse-engineering, Ingénierie dirigée par les modèles, Rétro-ingénierie, Model-driven

Abstract

Security is a critical concern for any information system. Security properties such as confidentiality, integrity and availability need to be enforced in order to make systems safe. In complex environments, where information systems are composed by a number of heterogeneous subsystems, each subsystem plays a key role in the global system security. For the specific case of access-control, access-control policies may be found in several components (databases, networksand applications) all, supposedly, working together. Nevertheless since most times these policies have been manually implemented and/or evolved separately they easily become inconsistent. In this context, discovering and understanding which security policies are actually being enforced by the information system comes out as a critical necessity. The main challenge to solve is bridging the gap between the vendor-dependent security features and a higher-level representation that express these policies in a way that abstracts from the specificities of concrete system components, and thus, it´s easier to understand and reason with. This high-level representation would also allow us to implement all evolution/refactoring/manipulation operations on the security policies in a reusable way. In this work we propose such a reverse engineering and integration mechanism for access-control policies. We rely on model-driven technologies to achieve this goal.; La sécurité est une préoccupation essentielle pour tout système d’information. Propriétés de sécurité telles que la confidentialité, l’intégrité et la disponibilité doivent être appliquées afin de rendre les systèmes sures. Dans les environnements complexes, où les systèmes d’information sont composés par un certain nombre de sous-systèmes hétérogènes, chaque sous-système joue un rôle clé dans la sécurité globale du système. Dans le cas spécifique du contrôle d’accès, politiques de contrôle d’accès peuvent être trouvées dans différents composants (bases de données, réseaux, etc.), ces derniers étant sensés travailler ensemble. Néanmoins , puisque la plupart de ces politiques ont été mises en œuvre manuellement et / ou évolué séparément ils deviennent facilement incompatibles. Dans ce contexte, la découverte et compréhension des politiques de sécurité appliquées par le système d’information devient une nécessité critique. Le principal défi à résoudre est de combler le fossé entre les caractéristiques de sécurité dépendant du fournisseur et une représentation de plus haut niveau que exprime ces politiques d’une manière faisant abstraction des spécificités de composants concrètes, et donc, plus facile à comprendre et à raisonner avec. Cette représentation de haut niveau nous permettrait également de mettre en œuvre tous les opérations de évolution / refactoring / manipulation sur les politiques de sécurité d’une manière réutilisable. Dans ce travail, nous proposons un tel mécanisme de rétro-ingénierie et d’intégration des politiques de contrôle d’accès. Nous comptons sur les technologies de l’ingénierie dirigée par les modèles pour atteindre cet objectif .

Published

2014

4. On Formal Specification and Analysis of Security Policies

Author

Bourdier, Tony, Cirstea, Horatiu, Jaume, Mathieu, Kirchner, Hélène, Formal islands: foundations and applications (PAREO), INRIA Lorraine, Institut National de Recherche en Informatique et en Automatique (Inria)-Institut National de Recherche en Informatique et en Automatique (Inria)-Laboratoire Lorrain de Recherche en Informatique et ses Applications (LORIA), Institut National de Recherche en Informatique et en Automatique (Inria)-Université Henri Poincaré - Nancy 1 (UHP)-Université Nancy 2-Institut National Polytechnique de Lorraine (INPL)-Centre National de la Recherche Scientifique (CNRS)-Université Henri Poincaré - Nancy 1 (UHP)-Université Nancy 2-Institut National Polytechnique de Lorraine (INPL)-Centre National de la Recherche Scientifique (CNRS), Sémantiques, preuves et implantation (SPI), Laboratoire d'Informatique de Paris 6 (LIP6), Université Pierre et Marie Curie - Paris 6 (UPMC)-Centre National de la Recherche Scientifique (CNRS)-Université Pierre et Marie Curie - Paris 6 (UPMC)-Centre National de la Recherche Scientifique (CNRS), Inria Bordeaux - Sud-Ouest, Institut National de Recherche en Informatique et en Automatique (Inria), ANR-06-SETI-0016,SSURF,Sûreté et sécurité avec focal(2006), and Centre National de la Recherche Scientifique (CNRS)-Institut National Polytechnique de Lorraine (INPL)-Université Nancy 2-Université Henri Poincaré - Nancy 1 (UHP)-Institut National de Recherche en Informatique et en Automatique (Inria)-Centre National de la Recherche Scientifique (CNRS)-Institut National Polytechnique de Lorraine (INPL)-Université Nancy 2-Université Henri Poincaré - Nancy 1 (UHP)

Subjects

security properties, access-control, [INFO.INFO-PL]Computer Science [cs]/Programming Languages [cs.PL], security policy, constrained rewriting, first-order logical specification, reduction systems

Abstract

International audience; Security policies are ubiquitous in information systems and more generally in the management of sensitive information. Access control policies are probably the most largely used policies but their application goes well beyond this application domain. The enforcement of security policies is useless if some of their key properties like the consistency, for example, cannot be stated and checked. We propose here a framework where the security policies and the systems they are applied on, are specified separately but using a common formalism. This separation allows us not only some analysis of the policy independently of the target system but also the application of a given policy on different systems. Besides the abstract formalism we also explore how rewrite and reduction systems can be used and combined in a rather systematic way to provide executable specifications for this framework. We also propose a notion of system and policy transformation that gives the possibility to study some properties which cannot be expressed only within the initial presentation. We have shown, in particular, how confidentiality, integrity and confinment can be expressed for the BLP policy that does not deal explicitly with information flows but only with objects containing tractable information.

Published

2010