all InfoSec news
Model Checking Access Control Policies: A Case Study using Google Cloud IAM. (arXiv:2303.16688v1 [cs.CR])
cs.CR updates on arXiv.org arxiv.org
Authoring access control policies is challenging and prone to
misconfigurations. Access control policies must be conflict-free. Hence,
administrators should identify discrepancies between policy specifications and
their intended function to avoid violating security principles. This paper aims
to demonstrate how to formally verify access control policies. Model checking
is used to verify access control properties against policies supported by an
access control model. The authors consider Google's Cloud Identity and Access
Management (IAM) as a case study and follow NIST's guidelines …
access access control access management administrators authors case cloud cloud iam cloud identity cloud identity and access management conflict control free function google google cloud guidelines iam identify identity identity and access identity and access management management misconfigurations nist policies policy principles security study verify