Dissertation/Thesis Abstract

Improving the Quality of Security Policies
by Hwang, JeeHyun, Ph.D., North Carolina State University, 2014, 146; 3584006
Abstract (Summary)

Systems such as web applications, database systems, and cloud services regulate users’ access to sensitive resources based on security policies. Organizations often manage security policies in an ad hoc and inconsistent manner due to a lack of budget, resources, and staff. Such management can cause serious security problems such as unauthorized access to sensitive resources.

A security policy is a set of restrictions and properties that specify how a computing system prevents information and computing resources from being used in violation of an organization’s security laws, rules, and practices. In computer systems, security policies are enforced to ensure the correct functioning of access control, that is, to specify “who” (e.g., which authorized users or processes) can perform which actions under “what” conditions.

Policy authors often follow common patterns when specifying and maintaining security policies. Researchers have applied data mining techniques to derive (implicit) patterns, such as a group of users (i.e., roles in RBAC policies) who hold the same access permissions. Policy authors reuse common patterns to reduce mistakes, and deviations from those patterns are candidates for inspection to determine whether they expose faults.

Faults (i.e., misconfigurations) in security policies can have serious consequences, such as denying an authorized user access to his or her resources or allowing malicious users to access critical resources. Therefore, to improve the quality of security policies in terms of policy correctness, policy authors must conduct rigorous testing and verification during the testing and maintenance phases of the software development process. However, manual test-input generation and verification are error-prone, time-consuming, and tedious tasks.

In this dissertation, we propose approaches that automatically help improve the quality of security policies. Our research goal is to help policy authors detect and remove faults efficiently through automated pattern mining and testing techniques. This dissertation comprises three research projects, each focusing on a specific software engineering task. The three research projects are as follows:

Pattern Mining. We present an approach to mine patterns from security policies used in open source software products. Our approach applies data mining techniques to the policy evolution and specification data of those security policies to identify common patterns, which represent how security policies are used in practice. Our approach uses the mined patterns as policy specification rules and detects faults in security policies under analysis as deviations from the mined patterns.

Automated Test Generation. We present a systematic structural testing approach for security policies. Our approach is based on the concept of policy coverage, which tests a policy’s structural entities (i.e., rules, predicates, and clauses) to check whether each entity is specified correctly. Our approach analyzes security policies under test and automatically generates test cases that achieve high structural coverage. Such test cases also achieve high fault-detection capability.

Automated Test Selection for Regression Testing. We present a safe-test-selection approach for regression testing of security policies. Among the initial test cases given for the access control system under test, our approach selects and executes only those test cases that could expose different policy behaviors across multiple versions of a security policy. Our approach thereby efficiently detects unexpected policy behaviors (i.e., regression faults) caused by policy changes.

These three research projects have resulted in the following contributions:

• Patterns characterizing correlations of attributes in security policies help detect faults.

• Structural coverage for security policies is closely related to fault-detection capability. An original set of test cases with higher structural coverage often achieves higher fault-detection capability. Furthermore, a reduced set of test cases that maintains the same structural coverage achieves fault-detection capability similar to that of the original set.

• The number of test cases needed for regression testing can be substantially reduced, improving performance.
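The coverage-driven test generation, the reduced-suite contribution, and the safe regression test selection described above, worked through on a toy policy model. This is an added example written for this page, not code from the dissertation: the first-applicable policy language, the rule/clause coverage definitions, the greedy generation loop (which also yields the reduced suite), the change-based selection criterion, and the sample rules, attribute domains and requests (V1, V2, DOMAINS) are all simplifying assumptions.

```python
"""Added illustration (not the dissertation's code): a toy first-applicable policy model
with structural coverage, coverage-driven test generation and safe regression selection."""
from dataclasses import dataclass
from itertools import product
from typing import Dict, List, Optional, Tuple

Request = Dict[str, str]  # attribute -> value, e.g. {"role": "user", "action": "read"}


@dataclass
class Rule:
    rule_id: str
    target: Dict[str, str]  # conjunction of clauses "attribute == value"
    effect: str             # "permit" or "deny"

    def matches(self, req: Request) -> bool:
        return all(req.get(k) == v for k, v in self.target.items())


@dataclass
class Policy:
    rules: List[Rule]
    default: str = "deny"  # decision when no rule applies

    def trace(self, req: Request) -> List[Tuple[Rule, bool]]:
        """Rules evaluated for req, in order, each with its match result."""
        out = []
        for r in self.rules:
            matched = r.matches(req)
            out.append((r, matched))
            if matched:
                break
        return out

    def evaluate(self, req: Request) -> Tuple[str, Optional[str]]:
        """(decision, id of the firing rule, or None when the default applied)."""
        for r, matched in self.trace(req):
            if matched:
                return r.effect, r.rule_id
        return self.default, None


def structural_coverage(policy: Policy, tests: List[Request]) -> Dict[str, float]:
    """Rule coverage: share of rules fired by some test.  Clause coverage: share of
    clauses evaluated both true and false by tests that reach their rule (assumed)."""
    fired, seen = set(), {}
    for t in tests:
        for rule, matched in policy.trace(t):
            if matched:
                fired.add(rule.rule_id)
            for attr, value in rule.target.items():
                seen.setdefault((rule.rule_id, attr), set()).add(t.get(attr) == value)
    n_clauses = sum(len(r.target) for r in policy.rules)
    covered = sum(1 for outcomes in seen.values() if outcomes == {True, False})
    return {"rule": len(fired) / len(policy.rules), "clause": covered / max(n_clauses, 1)}


def generate_tests(policy: Policy, domains: Dict[str, List[str]]) -> List[Request]:
    """Enumerate attribute combinations and keep a request only if it raises rule or
    clause coverage, so the result is already a reduced, maximal-coverage suite."""
    keys, suite, best = sorted(domains), [], {"rule": 0.0, "clause": 0.0}
    for values in product(*(domains[k] for k in keys)):
        candidate = dict(zip(keys, values))
        cov = structural_coverage(policy, suite + [candidate])
        if cov["rule"] > best["rule"] or cov["clause"] > best["clause"]:
            suite.append(candidate)
            best = cov
    return suite


def select_regression_tests(old: Policy, new: Policy, tests: List[Request]) -> List[Request]:
    """Safe selection: a rule is 'changed' if removed, edited, or preceded by new/reordered
    rules.  Keep a test if it evaluated a changed rule in `old`, an added rule matches it,
    or it fell through to a changed default; any test left out behaves identically in `new`."""
    old_ids = [r.rule_id for r in old.rules]
    new_ids = [r.rule_id for r in new.rules]
    new_by_id = {r.rule_id: r for r in new.rules}
    changed = set()
    for i, r in enumerate(old.rules):
        if r.rule_id not in new_by_id or new_by_id[r.rule_id] != r:
            changed.add(r.rule_id)
        elif set(old_ids[:i]) != set(new_ids[:new_ids.index(r.rule_id)]):
            changed.add(r.rule_id)
    added = [r for r in new.rules if r.rule_id not in old_ids]
    selected = []
    for t in tests:
        reached = {r.rule_id for r, _ in old.trace(t)}
        fell_through = old.evaluate(t)[1] is None
        if (reached & changed or any(r.matches(t) for r in added)
                or (fell_through and old.default != new.default)):
            selected.append(t)
    return selected


# Constructed sample: version 1, its attribute domains, and version 2 in which
# r3 was edited to deny all user writes and r4 was appended for guests.
V1 = Policy([Rule("r1", {"role": "admin"}, "permit"),
             Rule("r2", {"role": "user", "action": "read"}, "permit"),
             Rule("r3", {"role": "user", "action": "write", "resource": "public"}, "permit")])
V2 = Policy([Rule("r1", {"role": "admin"}, "permit"),
             Rule("r2", {"role": "user", "action": "read"}, "permit"),
             Rule("r3", {"role": "user", "action": "write"}, "deny"),
             Rule("r4", {"role": "guest", "action": "read", "resource": "public"}, "permit")])
DOMAINS = {"role": ["admin", "user", "guest"], "action": ["read", "write"],
           "resource": ["public", "private"]}
```

On the constructed data, `generate_tests(V1, DOMAINS)` keeps 5 of the 12 attribute combinations and reaches full rule and clause coverage of V1, and `select_regression_tests(V1, V2, suite)` keeps 3 of those 5 tests. The admin test and the user-read test are skipped because every rule they evaluate is unchanged and no added rule matches them; of the three selected, the user-write and guest-read-public requests do change decision between V1 and V2, while the guest-read-private request is kept conservatively because it evaluates the edited rule r3.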

Indexing (document details)
Advisor: Williams, Laurie A.
Committee:
School: North Carolina State University
Department: Computer Science
School Location: United States -- North Carolina
Source: DAI-B 75/10(E), Dissertation Abstracts International
Source Type: DISSERTATION
Subjects: Computer science
Keywords: Access control policy, Firewall policy, Policy testing, Quality improvement, Security policy, Test generation
Publication Number: 3584006
ISBN: 9781303997341