Identification of irregularities and allocation suggestion of relative file system permissions

Research output: Contribution to journalArticlepeer-review

7 Citations (Scopus)

Abstract

It is well established that file system permissions in large, multi-user environments can be audited to identify vulnerabilities with respect to what is regarded as standard practice. For example, identifying that a user has an elevated level of access to a system directory which is unnecessary and introduces a vulnerability. Similarly, the allocation of new file system permissions can be assigned following the same standard practices. On the contrary, and less well established, is the identification of potential vulnerabilities as well as the implementation of new permissions with respect to a system's current access control implementation. Such tasks are heavily reliant on expert interpretation. For example, the assigned relationship between users and groups, directories and their parents, and the allocation of permissions on file system resources all need to be carefully considered. This paper presents the novel use of statistical analysis to establish independence and homogeneity in allocated file system permissions. This independence can be interpreted as potential anomalies in a system's implementation of access control. The paper then presents the use of instance-based learning to suggest the allocation of new permissions conforming to a system's current implementation structure. Following this, both of the presented techniques are then included in a tool for interacting with Microsoft's New Technology File System (NTFS) permissions. This involves experimental analysis on six different NTFS directory structures within different organisations. The effectiveness of the developed technique is then established through analysing the true positive and true negative values. The presented results demonstrate the potential of the proposed techniques for overcoming complexities with real-world file system administration.

Original languageEnglish
Pages (from-to)27-39
Number of pages13
JournalJournal of Information Security and Applications
Volume30
Early online date5 May 2016
DOIs
Publication statusPublished - 1 Oct 2016

Fingerprint

Dive into the research topics of 'Identification of irregularities and allocation suggestion of relative file system permissions'. Together they form a unique fingerprint.

Cite this