dc.contributor.advisor: Stoller, Scott D [en_US]
dc.contributor.author: Gupta, Puneet [en_US]
dc.contributor.other: Department of Computer Science [en_US]
dc.date.accessioned: 2013-05-22T17:34:41Z
dc.date.available: 2013-05-22T17:34:41Z
dc.date.issued: 1-Dec-11 [en_US]
dc.date.submitted: 11-Dec [en_US]
dc.identifier: Gupta_grad.sunysb_0771E_10808 [en_US]
dc.identifier.uri: http://hdl.handle.net/1951/59677
dc.description: 120 pg. [en_US]
dc.description.abstract: The scale and complexity of security policies in enterprise systems make it difficult to ensure that they achieve higher-level security goals. This dissertation explores two important ways in which policy analysis can help: reachability analysis for administrative policies, and analysis of policy enforcement in enterprise systems. An administrative policy specifies how each user in an enterprise may change the policy. Fully understanding the consequences of an administrative policy can be difficult, because sequences of changes by different users may interact in unexpected ways. Administrative policy analysis helps by answering questions such as user-permission reachability, which asks whether specified users can together change the policy in a way that achieves a specified goal, namely, granting a specified permission to a specified user. This dissertation presents a rule-based access control policy language, a rule-based administrative policy model that controls addition and removal of rules and facts, and an abductive analysis algorithm for user-permission reachability. Abductive analysis means that the algorithm can analyze policy rules even if the facts initially in the policy (e.g., information about users) are unavailable. The algorithm does this by computing minimal sets of facts that, if present in the initial policy, imply reachability of the goal. Many security requirements for enterprise systems can be expressed in a natural way as high-level access control policies, but are not enforced by a single mechanism that directly interprets such policies. A high-level policy may refer to abstract information resources, independent of where the information is stored; it controls both direct and indirect accesses to the information; it may refer to the context of a request, i.e., the request's path through the system; and its enforcement point and enforcement mechanism may be unspecified. Enforcement of a high-level policy may depend on the system architecture and the configurations of a variety of security mechanisms, such as firewalls, database access control, and application-level access control. This dissertation presents a framework for expressing high-level policies, a method for verifying that a high-level policy is enforced, and an algorithm for determining a trusted computing base for each resource. [en_US]
dc.description.sponsorship: Stony Brook University Libraries. SBU Graduate School in Department of Computer Science. Charles Taber (Dean of Graduate School). [en_US]
dc.format: Electronic Resource [en_US]
dc.language.iso: en_US [en_US]
dc.publisher: The Graduate School, Stony Brook University: Stony Brook, NY. [en_US]
dc.subject.lcsh: Computer science [en_US]
dc.subject.other: access control, policy administration, security policy, verification [en_US]
dc.title: Verification of Security Policy Administration and Enforcement in Enterprise Systems [en_US]
dc.type: Dissertation [en_US]
dc.description.advisor: Advisor(s): Stoller, Scott D. Committee Member(s): Sekar, R; Ramakrishnan, C R; Lobo, Jorge. [en_US]
dc.mimetype: Application/PDF [en_US]