ANALYZING ACCESS CONTROL CONFIGURATIONS
Abstract
A facility is described for analyzing access control configurations. In various embodiments, the facility comprises an operating system having resources and identifications of principals, the principals having access control privileges relating to the resources, the access control privileges described by access control metadata; an access control scanner component that receives the access control metadata, determines relationships between the principals and the resources, and emits access control relations information; and an access control inference engine that receives the emitted access control relations information and an access control policy model, analyzes the received information and model, and emits a vulnerability report. In various embodiments, the facility generates an information flow based on access control relations, an access control mechanism model, and an access control policy model; determines, based on the generated information flow, whether privilege escalation is possible; and when privilege escalation is possible, indicates in a vulnerability report that the privilege escalation is possible.
20 Claims
1. A system for analyzing access control configurations, comprising:
an operating system having resources and identifications of principals, the principals having access control privileges relating to the resources, the access control privileges described by access control metadata;
an access control scanner component that receives the access control metadata, determines relationships between the principals and the resources, and emits access control relations information; and
an access control inference engine that receives the emitted access control relations information and an access control policy model, analyzes the received information and model, and emits a vulnerability report.
(Dependent claims 2 to 12 depend on claim 1.)

13. A method performed by a computing system for analyzing access control configurations, comprising:
receiving access control metadata;
determining access control relations based on the received access control metadata;
receiving an access control policy model; and
analyzing the access control relations and the access control policy model to generate a vulnerability report.
(Dependent claims 14 to 17 depend on claim 13.)

18. A computer-readable medium encoded with computer-executable instructions that, when executed, perform a method of analyzing access control configurations, the method comprising:
generating an information flow based on access control relations, an access control mechanism model, and an access control policy model;
determining, based on the generated information flow, whether privilege escalation is possible; and
when privilege escalation is possible, indicating in a vulnerability report that the privilege escalation is possible.
(Dependent claims 19 and 20 depend on claim 18.)
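The abstract and independent claims 1, 13 and 18 describe one pipeline: a scanner turns access control metadata into principal-resource relations, and an inference engine combines those relations with a mechanism model (which rights move data into or out of a resource) and a policy model (which principals are trusted more than which) to build an information flow and flag privilege escalation. The following Python is an added illustration of that pipeline written for this page; it is not the patent's own code, and the ACL entries, group memberships, rights names, integrity levels and file paths are all constructed sample data. The policy used here is a simple integrity policy (data must not flow from a less trusted principal to a more trusted one); the patent does not specify which policy model its engine uses.

```python
"""Scanner + inference engine in the shape of the claims above.

Added illustration, not the patent's code.  The ACL metadata, group
membership, mechanism model and policy model are constructed sample data.
"""
from collections import deque
from dataclasses import dataclass
from typing import Dict, List, Optional, Set, Tuple

Node = Tuple[str, str]  # ("P", principal) or ("R", resource)

# Constructed access control metadata: resource -> (principal or group -> rights).
ACL_METADATA: Dict[str, Dict[str, Set[str]]] = {
    "/etc/cron.d/backup":       {"root": {"read", "write"}, "devs": {"read", "write"}},
    "/usr/local/bin/backup.sh": {"root": {"read", "write", "execute"}, "devs": {"read"}},
    "/var/log/app.log":         {"root": {"read", "write"}, "www": {"write"}, "devs": {"read"}},
}
GROUP_MEMBERS: Dict[str, Set[str]] = {"devs": {"alice", "bob"}, "www": {"www-data"}}

# Access control mechanism model (constructed): rights that push data into a
# resource versus rights that pull data (or code) out of it.
WRITE_LIKE = {"write"}
READ_LIKE = {"read", "execute"}

# Access control policy model (constructed): integrity level per principal.
# The policy forbids any flow from a lower level to a higher one.
POLICY_LEVELS: Dict[str, int] = {"root": 3, "alice": 1, "bob": 1, "www-data": 0}


@dataclass(frozen=True)
class Relation:
    """One access control relation emitted by the scanner."""
    principal: str
    resource: str
    right: str


def scan(acl_metadata, group_members) -> List[Relation]:
    """Scanner: expand group entries to principals and emit one relation per
    (principal, resource, right).  Simplifications: no deny entries, no
    ACL inheritance, no nested groups."""
    relations = []
    for resource, acl in acl_metadata.items():
        for who, rights in acl.items():
            for principal in sorted(group_members.get(who, {who})):
                for right in sorted(rights):
                    relations.append(Relation(principal, resource, right))
    return relations


def build_information_flow(relations, write_like=WRITE_LIKE,
                           read_like=READ_LIKE) -> Dict[Node, Set[Node]]:
    """Information flow graph: principal -> resource for write-like rights,
    resource -> principal for read-like rights."""
    flow: Dict[Node, Set[Node]] = {}
    for rel in relations:
        if rel.right in write_like:
            flow.setdefault(("P", rel.principal), set()).add(("R", rel.resource))
        if rel.right in read_like:
            flow.setdefault(("R", rel.resource), set()).add(("P", rel.principal))
    return flow


def find_path(flow, start: Node, goal: Node) -> Optional[List[Node]]:
    """Breadth-first search over the flow graph; shortest node path or None."""
    queue = deque([[start]])
    seen = {start}
    while queue:
        path = queue.popleft()
        if path[-1] == goal:
            return path
        for nxt in sorted(flow.get(path[-1], ())):
            if nxt not in seen:
                seen.add(nxt)
                queue.append(path + [nxt])
    return None


def infer_vulnerabilities(relations, policy_levels, write_like=WRITE_LIKE,
                          read_like=READ_LIKE) -> List[dict]:
    """Inference engine: for every ordered pair of principals whose flow the
    policy forbids (source less trusted than sink), check whether the flow
    graph allows it anyway.  Each hit is a privilege-escalation finding."""
    flow = build_information_flow(relations, write_like, read_like)
    report = []
    for src, src_level in policy_levels.items():
        for dst, dst_level in policy_levels.items():
            if src_level >= dst_level:
                continue  # flow from equal or higher trust is permitted
            path = find_path(flow, ("P", src), ("P", dst))
            if path is not None:
                report.append({"source": src, "sink": dst,
                               "path": [name for _, name in path]})
    return report


def format_report(report, policy_levels) -> str:
    """Render the vulnerability report as one line per finding."""
    lines = [f"{f['source']} (level {policy_levels[f['source']]}) can influence "
             f"{f['sink']} (level {policy_levels[f['sink']]}): " + " -> ".join(f["path"])
             for f in report]
    return "\n".join(lines) if lines else "no policy violations found"


if __name__ == "__main__":
    findings = infer_vulnerabilities(scan(ACL_METADATA, GROUP_MEMBERS), POLICY_LEVELS)
    print(format_report(findings, POLICY_LEVELS))
```

On the constructed data the engine reports that alice and bob (group devs, level 1) can write a cron file that root reads, and that www-data (level 0) can write a log that root, alice and bob read; tightening the cron file to read-only for devs removes the first class of findings but not the second. The scanner deliberately ignores deny entries and inheritance; a scanner for a real operating system has to resolve those before emitting relations, or the inference engine will report flows the OS would actually refuse.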
Specification