Analysis of Rewrite-Based Access Control Policies

The rewrite-based approach provides executable specifications for security policies, which can be independently designed, verified, and then anchored on programs using a modular discipline. In this paper, we describe how to perform queries over these rule-based policies in order to increase the policy author's trust in the correct behavior of the policy. The analysis we provide is founded on the strategic narrowing process, which provides both the necessary abstraction for simulating executions of the policy over access requests and the mechanism for solving what-if queries from the security administrator. We illustrate this general approach by the analysis of a firewall system policy.
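To make the abstract's two ingredients concrete, the following is an added illustration written for this page; it is not the paper's implementation, and the policy, rule names and function names (`decide`, `what_if`, `blocker`) are constructed assumptions. A firewall policy is an ordered list of rewrite rules `decide(src, dst, port, proto) -> accept | drop` with first-match (priority) semantics. `decide` performs ordinary rewriting of a ground access request. `what_if` performs a small narrowing step: some request fields are left as variables (`?port`), the request is unified with each rule in turn, and every reachable decision is reported together with the substitution that reaches it and the disequalities that keep higher-priority rules from firing. A rule that can never fire for the query (a rule shadowed by an earlier one) is simply absent from the answer, which is the kind of evidence a policy author wants before deploying a rule set.

```python
"""Rewrite-style firewall policy with a narrowing-based what-if query.

Added example (not the paper's code). Terms are tuples over FIELDS whose
entries are constants or variables written as strings starting with "?".
Rule patterns use "*" as a don't-care position.
"""
from dataclasses import dataclass

FIELDS = ("src", "dst", "port", "proto")
WILD = "*"


@dataclass(frozen=True)
class Rule:
    name: str
    pattern: tuple      # one entry per field: a constant or WILD
    decision: str


# Constructed sample policy: specific rules first, default drop last.
POLICY = [
    Rule("block-telnet", ("*", "*", 23, "tcp"), "drop"),
    Rule("allow-web", ("*", "dmz", 80, "tcp"), "accept"),
    Rule("allow-dns", ("lan", "*", 53, "udp"), "accept"),
    Rule("default", ("*", "*", "*", "*"), "drop"),
]


def is_var(x):
    return isinstance(x, str) and x.startswith("?")


def unify(request, pattern, subst):
    """Unify a (possibly non-ground) request with a rule pattern.
    Returns the extended substitution, or None if unification fails."""
    subst = dict(subst)
    for rv, pv in zip(request, pattern):
        if pv == WILD:
            continue
        rv = subst.get(rv, rv) if is_var(rv) else rv
        if is_var(rv):
            subst[rv] = pv          # bind the request variable to the constant
        elif rv != pv:
            return None             # constant clash
    return subst


def instantiate(request, subst):
    return tuple(subst.get(f, f) if is_var(f) else f for f in request)


def blocker(request, pattern):
    """Describe when an earlier rule would still match a partially
    instantiated request: None if it can never match, {} if it always
    matches, otherwise the variable bindings under which it would match."""
    needed = {}
    for rv, pv in zip(request, pattern):
        if pv == WILD:
            continue
        if is_var(rv):
            if rv in needed and needed[rv] != pv:
                return None
            needed[rv] = pv
        elif rv != pv:
            return None
    return needed


def decide(request, policy=POLICY):
    """Concrete rewriting: the first rule whose pattern matches a ground request."""
    for rule in policy:
        if unify(request, rule.pattern, {}) is not None:
            return rule.decision
    raise ValueError("no rule applies")   # unreachable with a default rule


def what_if(request, policy=POLICY):
    """Narrowing over the policy: for each rule, unify the request with its
    pattern, then require that no higher-priority rule fires on the result.
    Returns a list of (rule name, decision, substitution, disequalities), where
    disequalities is a list of binding sets the request must NOT satisfy."""
    results = []
    for i, rule in enumerate(policy):
        subst = unify(request, rule.pattern, {})
        if subst is None:
            continue
        inst = instantiate(request, subst)
        forbidden, shadowed = [], False
        for earlier in policy[:i]:
            b = blocker(inst, earlier.pattern)
            if b is None:
                continue
            if b == {}:             # an earlier rule always fires: this branch is dead
                shadowed = True
                break
            forbidden.append(b)
        if not shadowed:
            results.append((rule.name, rule.decision, subst, forbidden))
    return results


if __name__ == "__main__":
    print(decide(("lan", "dmz", 80, "tcp")))
    for outcome in what_if(("lan", "dmz", "?port", "tcp")):
        print(outcome)
```

For the query `("lan", "dmz", "?port", "tcp")` the narrowing answer lists three branches: `block-telnet` (drop) under `?port = 23`, `allow-web` (accept) under `?port = 80`, and `default` (drop) provided `?port` is neither 23 nor 80; `allow-dns` does not appear because its protocol clashes with the query. For `("?s", "?d", 23, "tcp")` only `block-telnet` is reported, showing that no later rule can ever see TCP port 23 traffic.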
