A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2015; you can also visit the original URL.
The file type is application/pdf
.
Vulnerability hierarchies in access control configurations
2011
2011 4th Symposium on Configuration Analytics and Automation (SAFECONFIG)
This paper applies methods for analyzing fault hierarchies to the analysis of relationships among vulnerabilities in misconfigured access control rule structures. Hierarchies have been discovered previously for faults in arbitrary logic formulae [11, 10, 9, 21] , such that a test for one class of fault is guaranteed to detect other fault classes subsumed by the one tested, but access control policies reveal more interesting hierarchies. These policies are normally composed of a set of rules of
doi:10.1109/safeconfig.2011.6111679
dblp:conf/safeconfig/Kuhn11
fatcat:d43psud7gnhzlcte5ndwj4wm6i