Abstract
It is well established that file system permissions in large, multi-user environments can be audited to identify vulnerabilities with respect to what is regarded as standard practice. For example, identifying that a user has an elevated level of access to a system directory which is unnecessary and introduces a vulnerability. Similarly, the allocation of new file system permissions can be assigned following the same standard practices. On the contrary, and less well established, is the identification of potential vulnerabilities as well as the implementation of new permissions with respect to a system's current access control implementation. Such tasks are heavily reliant on expert interpretation. For example, the assigned relationship between users and groups, directories and their parents, and the allocation of permissions on file system resources all need to be carefully considered. This paper presents the novel use of statistical analysis to establish independence and homogeneity in allocated file system permissions. This independence can be interpreted as potential anomalies in a system's implementation of access control. The paper then presents the use of instance-based learning to suggest the allocation of new permissions conforming to a system's current implementation structure. Following this, both of the presented techniques are then included in a tool for interacting with Microsoft's New Technology File System (NTFS) permissions. This involves experimental analysis on six different NTFS directory structures within different organisations. The effectiveness of the developed technique is then established through analysing the true positive and true negative values. The presented results demonstrate the potential of the proposed techniques for overcoming complexities with real-world file system administration.
Original language | English |
---|---|
Pages (from-to) | 27-39 |
Number of pages | 13 |
Journal | Journal of Information Security and Applications |
Volume | 30 |
Early online date | 5 May 2016 |
DOIs | |
Publication status | Published - 1 Oct 2016 |
Fingerprint
Dive into the research topics of 'Identification of irregularities and allocation suggestion of relative file system permissions'. Together they form a unique fingerprint.Profiles
-
Simon Parkinson
- Department of Computer Science - Professor
- School of Computing and Engineering
- Centre for Cybersecurity - Director
- Centre for Planning, Autonomy and Representation of Knowledge - Associate Member
Person: Academic