Sakuna Harinda Jayasundara, Nalin Asanka Gamagedara Arachchilage, Giovanni Russello (University of Auckland)

Access control failures can cause data breaches, putting entire organizations at risk of financial loss and reputation damage. One of the main reasons for such failures is the mistakes made by system administrators when they manually generate low-level access control policies directly from highlevel requirement specifications. Therefore, to help administrators in that policy generation process, previous research proposed graphical policy authoring tools and automated policy generation frameworks. However, in reality, those tools and frameworks are neither usable nor reliable enough to help administrators generate access control policies accurately while avoiding access control failures. Therefore, as a solution, in this paper, we present “AccessFormer”, a novel policy generation framework that improves both the usability and reliability of access control policy generation. Through the proposed framework, on the one hand, we improve the reliability of policy generation by utilizing Language Models (LMs) to generate, verify, and refine access control policies by incorporating the system’s as well as administrator’s feedback. On the other hand, we also improve the usability of the policy generation by proposing a usable policy authoring interface designed to help administrators understand policy generation mistakes and accurately provide feedback.

View More Papers

Facilitating Non-Intrusive In-Vivo Firmware Testing with Stateless Instrumentation

Jiameng Shi (University of Georgia), Wenqiang Li (Independent Researcher), Wenwen Wang (University of Georgia), Le Guan (University of Georgia)

Read More

Symphony: Path Validation at Scale

Anxiao He (Zhejiang University), Jiandong Fu (Zhejiang University), Kai Bu (Zhejiang University), Ruiqi Zhou (Zhejiang University), Chenlu Miao (Zhejiang University), Kui Ren (Zhejiang University)

Read More

Experimental Analyses of the Physical Surveillance Risks in Client-Side...

Ashish Hooda (University of Wisconsin-Madison), Andrey Labunets (UC San Diego), Tadayoshi Kohno (University of Washington), Earlence Fernandes (UC San Diego)

Read More

Vision: Towards Fully Shoulder-Surfing Resistant and Usable Authentication for...

Tobias Länge (Karlsruhe Institute of Technology), Philipp Matheis (Karlsruhe Institute of Technology), Reyhan Düzgün (Ruhr University Bochum), Melanie Volkamer (Karlsruhe Institute of Technology), Peter Mayer (Karlsruhe Institute of Technology, University of Southern Denmark)

Read More