Abstract
Because developers lack an understanding of access control, logic errors occur during program development, and these errors lead to access control vulnerabilities. These vulnerabilities can be classified into two categories: one is violation of the logical structure of access control, such as privilege escalation vulnerabilities; the other is inconsistent authorization, such as authorization whose granularity is too coarse to achieve the intended access control strategy. To solve these problems, a five-layer access control model that can be used to detect access control vulnerabilities is proposed. On the basis of this model, five types of access control vulnerabilities are defined. To detect access control vulnerabilities, the access action is taken as the core of the model, and attributes that describe the action, extracted from the environment, form an authorization context. The authorization context is then combined with the five-layer model to determine whether there are access control vulnerabilities in the system.