Policy models to protect resource retrieval

Hayawardh Vijayakumar, Xinyang Ge, Trent Jaeger

Research output: Chapter in Book/Report/Conference proceedingConference contribution


Processes need a variety of resources from their operating environment in order to run properly, but adversary may control the inputs to resource retrieval or the end resource itself, leading to a variety of vulnerabilities. Conventional access control methods are not suitable to prevent such vulnerabilities because they use one set of permissions for all system call invocations. In this paper, we define a novel policy model for describing when resource retrievals are unsafe, so they can be blocked. This model highlights two contributions: (1) the explicit definition of adversary models as adversarial roles, which list the permissions that dictate whether one subject is an adversary of another, and (2) the application of data-flow to determine the adversary control of the names used to retrieve resources. An evaluation using multiple adversary models shows that data-flow is necessary to authorize resource retrieval in over 90% of system calls. By making adversary models and the adversary accessibility of all aspects of resource retrieval explicit, we can block resource access attacks system-wide.

Original languageEnglish (US)
Title of host publicationSACMAT 2014 - Proceedings of the 19th ACM Symposium on Access Control Models and Technologies
PublisherAssociation for Computing Machinery
Number of pages12
ISBN (Print)9781450329392
StatePublished - 2014
Event19th ACM Symposium on Access Control Models and Technologies, SACMAT 2014 - London, ON, Canada
Duration: Jun 25 2014Jun 27 2014

Publication series

NameProceedings of ACM Symposium on Access Control Models and Technologies, SACMAT


Other19th ACM Symposium on Access Control Models and Technologies, SACMAT 2014
CityLondon, ON

All Science Journal Classification (ASJC) codes

  • Software
  • Computer Networks and Communications
  • Safety, Risk, Reliability and Quality
  • Information Systems


Dive into the research topics of 'Policy models to protect resource retrieval'. Together they form a unique fingerprint.

Cite this