research-article

Public Access

Minimizing Privilege Assignment Errors in Cloud Services

Authors:

Matthew W. Sanders,

Chuan YueAuthors Info & Claims

CODASPY '18: Proceedings of the Eighth ACM Conference on Data and Application Security and Privacy

Pages 2 - 12

https://doi.org/10.1145/3176258.3176307

Published: 13 March 2018 Publication History

Abstract

The Principle of Least Privilege is a security objective of granting users only those accesses they need to perform their duties. Creating least privilege policies in the cloud environment with many diverse services, each with unique privilege sets, is significantly more challenging than policy creation previously studied in other environments. Such security policies are always imperfect and must balance between the security risk of granting over-privilege and the effort to correct for under-privilege. In this paper, we formally define the problem of balancing between over-privilege and under-privilege as the Privilege Error Minimization Problem (PEMP) and present a method for quantitatively scoring security policies. We design and compare three algorithms for automatically generating policies: a naive algorithm, an unsupervised learning algorithm, and a supervised learning algorithm. We present the results of evaluating these three policy generation algorithms on a real-world dataset consisting of 5.2 million Amazon Web Service (AWS) audit log entries. The application of these methods can help create policies that balance between an organization's acceptable level of risk and effort to correct under-privilege.

References

[1]

Amazon Web Services. 2017. IAM Policy Generator Source Code. https://awsiamconsole.s3.amazonaws.com/iam/assets/js/bundles/policies.js. (2017). Accessed: 2017-05-04.

[2]

Aaron Blankstein and Michael J Freedman. 2014. Automating isolation and least privilege in web services Security and Privacy (SP), 2014 IEEE Symposium on. IEEE, 133--148.

Digital Library

[3]

Leo Breiman, Jerome Friedman, Charles J Stone, and Richard A Olshen. 1984. Classification and regression trees. CRC press.

[4]

Suresh Chari, Ian Molloy, Youngja Park, and Wilferid Teiken. 2013. Ensuring continuous compliance through reconciling policy with usage ACM Symposium on Access control models and technologies (SACMAT). ACM, 49--60.

Digital Library

[5]

Martin Ester, Hans-Peter Kriegel, Jörg Sander, Xiaowei Xu, et almbox. 1996. A density-based algorithm for discovering clusters in large spatial databases with noise. Knowledge discovery in databases (KDD), Vol. Vol. 96. AAAI Press, 226--231.

Digital Library

[6]

David F Ferraiolo, Ravi Sandhu, Serban Gavrila, D Richard Kuhn, and Ramaswamy Chandramouli. 2001. Proposed NIST standard for role-based access control. ACM Transactions on Information and System Security (TISSEC), Vol. 4, 3 (2001), 224--274.

Digital Library

[7]

Mario Frank, Joachim M Buhmann, and David Basin. 2010. On the definition of role mining. In ACM Symposium on Access control models and technologies (SACMAT). ACM, 35--44.

Digital Library

[8]

Google, Inc. . 2017. Manifest.permission | Android Developers. https://developer.android.com/reference/android/Manifest.permission.html. (2017). Accessed: 2017-01-10.

[9]

Rob J Hyndman and George Athanasopoulos. 2014. Forecasting: principles and practice. OTexts.

[10]

IBM Corporation. 2012. z/OS Security Server RACF General User's Guide. https://www.ibm.com/support/knowledgecenter/en/SSLTBW_1.13.0/com.ibm.zos.r13.icha100/toc.htm. (2012). Accessed: 2017-05--17.

[11]

John D Kelleher, Brian Mac Namee, and Aoife D`Arcy. 2015. Fundamentals of Machine Learning for Predictive Data Analytics. (2015).

Digital Library

[12]

Spyros Makridakis. 1990. Sliding Simulation: A New Approach to Time Series Forecasting. Management Science, Vol. 36, 4 (1990), 505--512.

Digital Library

[13]

Spyros Makridakis, A Andersen, Robert Carbone, Robert Fildes, Michele Hibon, Rudolf Lewandowski, Joseph Newton, Emanuel Parzen, and Robert Winkler. 1982. The accuracy of extrapolation (time series) methods: Results of a forecasting competition. Journal of forecasting Vol. 1, 2 (1982), 111--153.

[14]

Christopher D. Manning, Prabhakar Raghavan, and Hinrich Schütze. 2008. Introduction to Information Retrieval. Cambridge University Press, New York, NY, USA. 117--119 pages.

Digital Library

[15]

Ian Molloy, Ninghui Li, Tiancheng Li, Ziqing Mao, Qihua Wang, and Jorge Lobo. 2009. Evaluating role mining algorithms. In ACM Symposium on Access control models and technologies (SACMAT). ACM, 95--104.

Digital Library

[16]

Ian Molloy, Youngja Park, and Suresh Chari. 2012. Generative Models for Access Control Policies: Applications to Role Mining over Logs with Attribution. In ACM Symposium on Access control models and technologies (SACMAT). ACM, 45--56.

Digital Library

[17]

Sara Motiee, Kirstie Hawkey, and Konstantin Beznosov. 2010. Do windows users follow the principle of least privilege?: investigating user account control practices. In Symposium on Usable Privacy and Security (SOUPS). ACM.

Digital Library

[18]

Pedregosa, F., et al. . 2011. Scikit-learn: Machine Learning in Python. Journal of Machine Learning Research Vol. 12 (2011), 2825--2830.

Digital Library

[19]

Jerome H Saltzer and Michael D Schroeder. 1975. The protection of information in computer systems. Proc. IEEE Vol. 63, 9 (1975), 1278--1308.

[20]

Matthew Sanders and Chuan Yue. 2017. Automated Least Privileges in Cloud-Based Web Services Hot Topics in Web Systems and Technologies (HotWeb). IEEE.

Digital Library

[21]

SANS Institute. 2010. A Compliance Primer for IT Professionals. https://www.sans.org/reading-room/whitepapers/compliance/compliance-primer-professionals-33538. (2010). Accessed: 2017-09--24.

[22]

Jürgen Schlegelmilch and Ulrike Steffens. 2005. Role mining with ORCA. In ACM Symposium on Access control models and technologies (SACMAT). ACM, 168--176.

Digital Library

[23]

scikit-learn developers. 2016. Overview of clustering methods. http://scikit-learn.org/stable/modules/clustering.html. (2016). Accessed: 2017-09-01.

[24]

Brian T. Sniffen, David R. Harris, and John D. Ramsdell. 2006. Guided policy generation for application authors. SELinux Symposium.

[25]

Harold F Tipton and Kevin Henry. 2006. Official (ISC) 2 guide to the CISSP CBK. Auerbach Publications.

Digital Library

[26]

Jaideep Vaidya, Atluri Vijayalakshmi, and Qi Guo. 2007. The role mining problem: finding a minimal descriptive set of roles. ACM Symposium on Access control models and technologies (SACMAT). ACM, 175--184.

Digital Library

[27]

Bob Violino. 2017. Cloud Computing Sees Huge Growth Rates Across All Segments. http://www.information-management.com/news/infrastructure/cloud-computing-sees-huge-growth-rates-across-all-segments-10030682--1.html. (2017). Accessed: 2017-09-07.

[28]

Ruowen Wang, William Enck, Douglas Reeves, Xinwen Zhang, Peng Ning, Dingbang Xu, Wu Zhou, and Ahmed M. Azab. 2015. EASEAndroid: Automatic Policy Analysis and refinement for security enhanced android via large-scale semi-supervised learning USENIX Security Symposium. USENIX, 351--366.

Digital Library

[29]

Yongzheng Wu, Jun Sun, Yang Liu, and Jin Song Dong. 2013. Automatically partition software into least privilege components using dynamic data dependency analysis. In IEEE/ACM International Conference on Automated Software Engineering (ASE). IEEE Press, 323--333.

Digital Library

Cited By

D’Antoni LDing SGoel ARamesh MRungta NSung C(2024)Automatically Reducing Privilege for Access Control PoliciesProceedings of the ACM on Programming Languages10.1145/36897388:OOPSLA2(763-790)Online publication date: 8-Oct-2024
https://dl.acm.org/doi/10.1145/3689738
Shen BShan TZhou YCalandrino JTroncoso C(2023)MultiviewProceedings of the 32nd USENIX Conference on Security Symposium10.5555/3620237.3620657(7499-7516)Online publication date: 9-Aug-2023
https://dl.acm.org/doi/10.5555/3620237.3620657
Soroko DSavino GGray NSchöning J(2023)Social Transparency in Network Monitoring and Security SystemsProceedings of the 22nd International Conference on Mobile and Ubiquitous Multimedia10.1145/3626705.3627773(37-53)Online publication date: 3-Dec-2023
https://dl.acm.org/doi/10.1145/3626705.3627773
Show More Cited By

Index Terms

Minimizing Privilege Assignment Errors in Cloud Services

Recommendations

Mining least privilege attribute based access control policies
ACSAC '19: Proceedings of the 35th Annual Computer Security Applications Conference

Creating effective access control policies is a significant challenge to many organizations. Over-privilege increases security risk from compromised credentials, insider threats, and accidental misuse. Under-privilege prevents users from performing ...
Practical Role-Based Access Control

This article presents access control from a general and a role-based perspective. The article's focus is role based Access Control from a practical vice a theoretical perspective. The article starts with some access control definitions and two secure ...
Specifying and enforcing the principle of least privilege in role-based access control

The principle of least privilege in role-based access control is an important area of research. There are two crucial issues related to it: the specification and the enforcement. We believe that the existing least privilege specification schemes are not ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Conferences

CODASPY '18: Proceedings of the Eighth ACM Conference on Data and Application Security and Privacy

March 2018

401 pages

ISBN:9781450356329

DOI:10.1145/3176258

General Chairs:
Ziming Zhao
Arizona State University, USA
,
Gail-Joon Ahn
Arizona State University, USA & Samsung Research, Korea
,
Program Chairs:
Ram Krishnan
University of Texas at San Antonio, USA
,
Gabriel Ghinita
University of Massachusetts Boston, USA

Copyright © 2018 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

SIGSAC: ACM Special Interest Group on Security, Audit, and Control

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 13 March 2018

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Funding Sources

NSF

Conference

CODASPY '18

Sponsor:

SIGSAC

CODASPY '18: Eighth ACM Conference on Data and Application Security and Privacy

March 19 - 21, 2018

AZ, Tempe, USA

Acceptance Rates

CODASPY '18 Paper Acceptance Rate 23 of 110 submissions, 21%;

Overall Acceptance Rate 149 of 789 submissions, 19%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

7
Total Citations
View Citations
531
Total Downloads

Downloads (Last 12 months)123
Downloads (Last 6 weeks)15

Reflects downloads up to 20 Nov 2024

Other Metrics

View Author Metrics

Citations

Cited By

D’Antoni LDing SGoel ARamesh MRungta NSung C(2024)Automatically Reducing Privilege for Access Control PoliciesProceedings of the ACM on Programming Languages10.1145/36897388:OOPSLA2(763-790)Online publication date: 8-Oct-2024
https://dl.acm.org/doi/10.1145/3689738
Shen BShan TZhou YCalandrino JTroncoso C(2023)MultiviewProceedings of the 32nd USENIX Conference on Security Symposium10.5555/3620237.3620657(7499-7516)Online publication date: 9-Aug-2023
https://dl.acm.org/doi/10.5555/3620237.3620657
Soroko DSavino GGray NSchöning J(2023)Social Transparency in Network Monitoring and Security SystemsProceedings of the 22nd International Conference on Mobile and Ubiquitous Multimedia10.1145/3626705.3627773(37-53)Online publication date: 3-Dec-2023
https://dl.acm.org/doi/10.1145/3626705.3627773
Bichhawat AFredrikson MYang J(2021)Automating Audit with Policy Inference2021 IEEE 34th Computer Security Foundations Symposium (CSF)10.1109/CSF51468.2021.00001(1-16)Online publication date: Jun-2021
https://doi.org/10.1109/CSF51468.2021.00001
Wu HYu ZHuang DZhang HHan W(2020)Automated Enforcement of the Principle of Least Privilege over Data Source Access2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom)10.1109/TrustCom50675.2020.00075(510-517)Online publication date: Dec-2020
https://doi.org/10.1109/TrustCom50675.2020.00075
Li YHuang CYuan LDing YCheng H(2020)ASPGen: an Automatic Security Policy Generating Framework for AppArmor2020 IEEE Intl Conf on Parallel & Distributed Processing with Applications, Big Data & Cloud Computing, Sustainable Computing & Communications, Social Computing & Networking (ISPA/BDCloud/SocialCom/SustainCom)10.1109/ISPA-BDCloud-SocialCom-SustainCom51426.2020.00075(392-400)Online publication date: Dec-2020
https://doi.org/10.1109/ISPA-BDCloud-SocialCom-SustainCom51426.2020.00075
Sanders MYue CBalenson D(2019)Mining least privilege attribute based access control policiesProceedings of the 35th Annual Computer Security Applications Conference10.1145/3359789.3359805(404-416)Online publication date: 9-Dec-2019
https://dl.acm.org/doi/10.1145/3359789.3359805

View Options

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Media

Figures

Other

Tables

View Table of Contents