Rule Based Analysis of Computer Security.
Abstract
Computers are rarely as secure as they could be. Users are lax or inconsistent in the ways they configure a computer's protection system, and these user mistakes often lead to serious security holes. For example, a privileged user might accidentally make his login initialization file publicly writable, and that mistake could allow ordinary users to acquire super-user privileges. This sort of operational security problem is not caused by software bugs. It can happen even if all the computer's trusted programs behave according to their specifications. Operational security problems arise from complex interactions between the pieces of a computer's protection system. This report describes a tool for improving the operational security of discretionary access control systems. The tool is a rule-based system that knows about the behavior of the computer's software and the tricks used by attackers. The tool uses this knowledge to deduce the set of privileges directly or indirectly accessible to each user. Once the set of accessible privileges has been deduced, that set can be compared against a site-specific access policy and any differences can be reported.
Keywords: Expert systems; Prototypes.
Document Details
- Document Type: Technical Report
- Publication Date: Mar 01, 1988
- Accession Number: ADA195736
Entities
People
- Robert W. Baldwin
Organizations
- Massachusetts Institute of Technology