Kent Academic Repository

On Access Control, Capabilities, Their Equivalence, and Confused Deputy Attacks

Rajani, Vineet, Garg, Deepak, Rezk, Tamara (2016) On Access Control, Capabilities, Their Equivalence, and Confused Deputy Attacks. In: 2016 IEEE 29th Computer Security Foundations Symposium (CSF), pp. 150-163. IEEE. ISBN 978-1-5090-2608-1. E-ISBN 978-1-5090-2607-4. (doi:10.1109/CSF.2016.18) (KAR id:90601)

The full text of this publication is not currently available from this repository. You may be able to access a copy if URLs are provided.
Official URL: https://doi.org/10.1109/CSF.2016.18

Abstract

Motivated by the problem of understanding the difference between practical access control and capability systems formally, we distill the essence of both in a language-based setting. We first prove that access control systems and (object) capabilities are fundamentally different. We further study capabilities as an enforcement mechanism against confused deputy attacks (CDAs), since CDAs may have been the primary motivation for the invention of capabilities. To do this, we develop the first formal characterization of CDA-freedom in a language-based setting and describe its relation to standard information flow integrity. We show that, perhaps surprisingly, capabilities cannot prevent all CDAs. Next, we stipulate restrictions on programs under which capabilities ensure CDA-freedom and prove that the restrictions are sufficient. To relax those restrictions, we examine provenance semantics as sound CDA-freedom enforcement mechanisms.

Item Type: Conference or workshop item (Paper)
DOI/Identification number: 10.1109/CSF.2016.18
Uncontrolled keywords: Semantics; Calculus; Lattices; Standards; Authorization; Access control; Capability; Confused deputy problem; Provenance tracking; Information flow integrity
Subjects: Q Science > QA Mathematics (inc Computing science) > QA 76 Software, computer programming
Divisions: Divisions > Division of Computing, Engineering and Mathematical Sciences > School of Computing
Depositing User: Amy Boaler
Date Deposited: 05 Oct 2021 13:49 UTC
Last Modified: 17 Aug 2022 12:22 UTC
Resource URI: https://kar.kent.ac.uk/id/eprint/90601

University of Kent Author Information

Rajani, Vineet.
