Invalidating policies using structural information
Kammueller, Florian 
ORCID: https://orcid.org/0000-0001-5839-5488 and Probst, Christian
(2014)
Invalidating policies using structural information.
Journal of Wireless Mobile Networks, Ubiquitous Computing, and Dependable Applications, 5
(2)
.
pp. 59-79.
ISSN 2093-5374
[Article]
(doi:10.22667/JOWUA.2014.06.31.059)
Abstract
Insider threats are a major threat to many organisations. Even worse, insider attacks are usually hard to detect, especially if an attack is based on actions that the attacker has the right to perform. In this paper we present a step towards detecting the risk for this kind of attacks by invalidating policies using structural information of the organisational model. Based on this structural information and a description of the organisation's policies, our approach invalidates the policies and identifies exemplary sequences of actions that lead to a violation of the policy in question. Based on these examples, the organisation can identify real attack vectors that might result in an insider attack. This information can be used to refine access control systems or policies. We provide case studies showing how mechanical verification tools, i.e. modelchecking with MCMAS and interactive theorem proving in Isabelle/HOL, can be applied to support the invalidation and thereby the identification of the attack vectors.
| Item Type: | Article |
|---|---|
| Research Areas: | A. > School of Science and Technology > Computer Science > Foundations of Computing group |
| Item ID: | 15193 |
| Useful Links: | |
| Depositing User: | Florian Kammueller |
| Date Deposited: | 23 Apr 2015 10:51 |
| Last Modified: | 12 Sep 2018 13:53 |
| URI: | https://eprints.mdx.ac.uk/id/eprint/15193 |
Actions (login required)
 |
View Item |
Statistics
Additional statistics are available via IRStats2.
CORE (COnnecting REpositories)
CORE (COnnecting REpositories)