• Quantifying permissiveness of access control policies🔍
• Quantifying Permissiveness of Access Control Policies🔍
• Quantifying Permissiveness of Access Control Policies 🔍
• vlab|cs|ucsb/quacky🔍
• Quantitative Access Control Policy Analysis and Repair Using Model ...🔍
• ‪William Eiers‬🔍
• Automatically reducing privilege for access control policies🔍
• Automatically Reducing Privilege for Access Control Policies🔍

Quantifying permissiveness of access control policies

In this paper, we present a quantitative and differential policy analysis framework that not only identifies if one policy is more permissive ...

Quantifying Permissiveness of Access Control Policies

We demonstrate the effectiveness of our approach by applying it to policies written in Amazon's AWS Identity and. Access Management (IAM) policy ...

Quantifying Permissiveness of Access Control Policies - IEEE Xplore

Due to ubiquitous use of software services, protecting the confidentiality of private information stored in compute clouds is becoming an increasingly ...

Quantifying Permissiveness of Access Control Policies

We quantify permissiveness of policies using a model counting constraint solver. We present a heuristic that transforms constraints extracted from access ...

Quantifying Permissiveness of Access Control Policies (ICSE 2022

We quantify permissiveness of policies using a model counting constraint solver. We present a heuristic that transforms constraints extracted from access ...

Quantifying permissiveness of access control policies - ResearchGate

... Eiers et al. [39] introduced a framework aimed at measuring the degree of permissiveness in access policies. ...

Quacky: Quantitative Access Control Permissiveness Analyzer

Given a policy, quacky translates it into a SMT formula and uses a model counting constraint solver to quantify permissiveness. When given ...

vlab-cs-ucsb/quacky: A tool for quantitatively assessing ... - GitHub

A tool for quantitatively assessing permissiveness of access control policies in the cloud - vlab-cs-ucsb/quacky.

Quacky: Quantitative Access Control Permissiveness Analyzer

qacky is a tool for quantifying permissiveness of access control policies in the cloud. Given a policy, qacky translates it into a SMT formula and uses a model ...

Quantitative Access Control Policy Analysis and Repair Using Model ...

These techniques however cannot perform quantitative analysis on policies (how much more permissive is policy 1 than policy 2?). It is crucial to develop ...

‪William Eiers‬ - ‪Google Scholar‬

Quantifying permissiveness of access control policies. W Eiers, G Sankaran, A Li, E O'Mahony, B Prince, T Bultan. Proceedings of the 44th International ...

Automatically reducing privilege for access control policies

... policy that still provides the same permissions that were observed in the access history. We treat the problem of computing the least permissive policy as a ...

Automatically Reducing Privilege for Access Control Policies

Quantifying permissiveness of access control policies. In Proceedings of the 44th International Conference on Software Engineering. (Pittsburgh, Pennsylvania) ...

UC Santa Barbara - eScholarship

William Eiers, Ganesh Sankaran, Albert Li, Emily O'Mahoney, Ben Prince, Tevfik Bul- tan. Quantifying Permissiveness of Access Control Policies. Proceedings of ...

Probabilistic Access Policies with Automated Reasoning Support

Observing that certain information useful for access control can be described by random variables, we are motivated to develop a new paradigm of ...

William Eiers | Stevens Institute of Technology

Quantifying permissiveness of access control policies using model counting techniques and automated policy downscaling. WJ Eiers, LS Hadarean, KS Luckow, N ...

Specifying and Reasoning about Dynamic Access-Control Policies

Access control is an important component of system security. Access-control policies capture rules that govern access to data or program operations. In the ...

A survey on access control techniques for cloud, blockchain, IoT and ...

The cloud layer security features work with the server and users, focusing on data privacy, such as Access Control mechanisms, data encryption, and ...

HUGS: Human-Guided Software Testing and Analysis for Scalable ...

Proposal & Award Policies & Procedures Guide (PAPPG). Additional Resources ... Quantifying permissiveness of access control policies" ICSE '22 ...

Using LLMs to Intelligently Manage Access Control - arXiv

Users will write access control policies (2) The access control poli- ... that are more permissive on the same role-view pair in NLACM 2.