TY - GEN
T1 - Cut me some security!
AU - Muthukumaran, Divya
AU - Rueda, Sandra
AU - Vijayakumar, Hayawardh
AU - Jaeger, Trent
PY - 2010
Y1 - 2010
N2 - Computer security is currently fraught with fine-grained access control policies, in operating systems, applications and even programming languages. All this policy configuration means that too many decisions are left to administrators, developers and even users to some extent and as a result we do not get any comprehensive security guarantees. In this position paper, we take a stand for the idea that less policy is better and propose that limiting the choices given to parties along the development and deployment process leads to a more secure system. We argue that other systems processes like scheduling and memory management achieve their goals with minimal user input and access control configuration should also follow suit. We then suggest a technique to automate access control configuration using graph-cuts and show that this gets us closer to achieving our goal.
AB - Computer security is currently fraught with fine-grained access control policies, in operating systems, applications and even programming languages. All this policy configuration means that too many decisions are left to administrators, developers and even users to some extent and as a result we do not get any comprehensive security guarantees. In this position paper, we take a stand for the idea that less policy is better and propose that limiting the choices given to parties along the development and deployment process leads to a more secure system. We argue that other systems processes like scheduling and memory management achieve their goals with minimal user input and access control configuration should also follow suit. We then suggest a technique to automate access control configuration using graph-cuts and show that this gets us closer to achieving our goal.
UR - http://www.scopus.com/inward/record.url?scp=78650130609&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=78650130609&partnerID=8YFLogxK
U2 - 10.1145/1866898.1866911
DO - 10.1145/1866898.1866911
M3 - Conference contribution
AN - SCOPUS:78650130609
SN - 9781450300933
T3 - Proceedings of the ACM Conference on Computer and Communications Security
SP - 75
EP - 78
BT - Proceedings of the 3rd ACM Workshop on Assurable and Usable Security Configuration, SafeConfig '10, Co-located with CCS'10
T2 - 3rd ACM Workshop on Assurable and Usable Security Configuration, SafeConfig '10, Co-located with CCS'10
Y2 - 4 October 2010 through 8 October 2010
ER -