Abstract
Quacky is a tool for quantifying permissiveness of access control policies in the cloud. Given a policy, Quacky translates it into a SMT formula and uses a model counting constraint solver to quantify permissiveness. When given multiple policies, Quacky not only determines which policy is more permissive, but also quantifies the relative permissiveness between the policies. With Quacky, policy authors can automatically analyze complex policies, helping them ensure that there is no unintended access to private data. Quacky supports access control policies written in the Amazon Web Services (AWS) Identity and Access Management (IAM), Microsoft Azure, and Google Cloud Platform (GCP) policy languages. It has command-line and web interfaces. It is open-source and available at https://github.com/vlab-cs-ucsb/quacky. Video URL: https://youtu.be/YsiGOI-SCtg.
Cite
CITATION STYLE
Eiers, W., Sankaran, G., Li, A., O’Mahony, E., Prince, B., & Bultan, T. (2022). Quacky: Quantitative Access Control Permissiveness Analyzer. In ACM International Conference Proceeding Series. Association for Computing Machinery. https://doi.org/10.1145/3551349.3559530
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
