RULE BASED ANALYSIS OF COMPUTER SECURITY

  • Authors: R. Baldwin
  • Affiliations: -
  • Venue: RULE BASED ANALYSIS OF COMPUTER SECURITY
  • Year: 1988

Abstract

Computers are rarely as secure as they could be. Users are lax or inconsistent in the way they configure a computer's protection system, and these user mistakes often lead to serious security holes. For example, a privileged user might accidentally make his login initialization file publicly writable and that mistake could allow ordinary users to acquire super-user privileges. This sort of operational security problem is not caused by software bugs. It can happen even if all the computer's trusted programs behave according to their specifications. Operational security problems arise from complex interactions between the pieces of a computer's protection system. This report describes a tool for improving the operational security of discretionary access control systems. The tool is a rule based system that knows about the behavior of the computer's software and the tricks used by attackers. The tool uses this knowledge to deduce the set of privileges directly or indirectly accessible to each user. Once the set of accessible privileges has been deduced, that set can be compared against a site specific access policy and any differences can be reported. A prototype of this tool has been used at MIT to improve the security of its UNIX computers. About twice each month the prototype identifies a database entry or file access mode that has been changed incorrectly and accidentally allows untrusted users to acquire super-user privileges.