A Model-Based Method for Security Configuration Verification
Various kinds of access control mechanisms have been employed in today’s computer systems to protect confidential information. Since high expertise is required for the system configuration maintenance, detecting vulnerabilities due to configuration errors is a difficult task. In this paper, we propose a model-based configuration verification method that can find complex errors of two major access control mechanisms, network packet filtering and file access control. This method constructs an information flow model using the configurations of the two mechanisms and verifies whether the system is configured to suffice access policies defined by system administrators. Through the development of a prototype system and its experimental use, we confirmed that the proposed method could discover configuration errors of Web servers that might cause information leakage.
KeywordsAccess Control Information Leakage Access Policy Policy Editor Access Control Mechanism
Unable to display preview. Download preview PDF.
- 1.Hosomi, H.S., Ogawa, R.: An Information Leakage Risk Evaluation Method Based on Sensitive Document Detection and Security Configuration Validation (2) Sensitive Document Detection with Text and Structure Analysis. In: The 67th National Convention of IPSJ (2005) (in Japanese)Google Scholar
- 2.Okajo, S., Matsuda, K., Ogawa, R.: A Policy Description Language for Policy-based Security Management. 2004-CSEC-027 2004(129) (December 2004) (in Japanese)Google Scholar
- 3.Nessus Vulnerability Scanner, http://www.nessus.org/
- 4.Symantec Enterprise Security Manager, http://www.symantec.com/Products/enterprise?c=prodinfo&refId=855
- 6.Phillips, C., Swiler, L.P.: A graph-based system for network-vulnerability analysis. In: Proceedings of the 1998 workshop on New security paradigms, pp. 71–79 (1998)Google Scholar
- 7.Ramakrishnan, C.R., Sekar, R.: Model-based Analysis of Configuration Vulnerabilities. Journal of Computer Security 10(1-2/2002), 189–209 (2003)Google Scholar
- 8.Cheung, S., Lindqvist, U., Fong, M.W.: Modeling Multistep Cyber Attacks for Scenario Recognition. In: Proceedings of the Third DARPA Information Survivability Conference and Exposition (DISCEX III), Washington, D.C, April 22–24, vol. I, pp. 284–292 (2003)Google Scholar
- 9.Bhatt, S., Horne, W., Pato, J., Rajagopalan, S.R., Rao, P.: Model-based validation of enterprise access policies, HPL-20050152(R.1) (2006)Google Scholar
- 10.Ou, X., Govindavajhala, S., Appel, A.W.: MulVAL:A Logic-based Network Security Analyzer. In: 14th Usenix Security Symposium (2005)Google Scholar