The thesis addresses the problem of the verification and enforcement of authorization policies through static analysis techniques. The main contributions are threefold: a formal semantics for grsecurity, which allows us to effectively validate a number of desirable security properties for role-based access control systems; an extension of RCF based on affine logic, to guarantee the enforcement of expressive authorization policies predicating on resource usage bounds; a verification methodology for Android applications, targeted to the enforcement of an access control policy robust against privilege escalation attacks. All the proposed techniques are proved sound and the issues related to their practical implementation are discussed.
Static verification and enforcement of authorization policies / Calzavara, Stefano. - (2013 Apr 19).
Static verification and enforcement of authorization policies
Calzavara, Stefano
2013-04-19
Abstract
The thesis addresses the problem of the verification and enforcement of authorization policies through static analysis techniques. The main contributions are threefold: a formal semantics for grsecurity, which allows us to effectively validate a number of desirable security properties for role-based access control systems; an extension of RCF based on affine logic, to guarantee the enforcement of expressive authorization policies predicating on resource usage bounds; a verification methodology for Android applications, targeted to the enforcement of an access control policy robust against privilege escalation attacks. All the proposed techniques are proved sound and the issues related to their practical implementation are discussed.
| File | Dimensione | Formato | |
|---|---|---|---|
|
calzavara_801411_tesi.pdf
accesso aperto
Tipologia:
Tesi di dottorato
Dimensione
2.51 MB
Formato
Adobe PDF
|
2.51 MB | Adobe PDF | Visualizza/Apri |
I documenti in ARCA sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
