Machine learning-based intelligent security framework for secure cloud key management
Ensuring the confidentiality, integrity, and availability of sensitive data in cloud environments
relies heavily on the robust management of cryptographic keys. With the expansion of cloud …
relies heavily on the robust management of cryptographic keys. With the expansion of cloud …
Cedar: A New Language for Expressive, Fast, Safe, and Analyzable Authorization
Cedar is a new authorization policy language designed to be ergonomic, fast, safe, and
analyzable. Rather than embed authorization logic in an application's code, developers can …
analyzable. Rather than embed authorization logic in an application's code, developers can …
Cedar: A New Language for Expressive, Fast, Safe, and Analyzable Authorization (Extended Version)
Cedar is a new authorization policy language designed to be ergonomic, fast, safe, and
analyzable. Rather than embed authorization logic in an application's code, developers can …
analyzable. Rather than embed authorization logic in an application's code, developers can …
Software Security Analysis in 2030 and Beyond: A Research Roadmap
As our lives, our businesses, and indeed our world economy become increasingly reliant on
the secure operation of many interconnected software systems, the software engineering …
the secure operation of many interconnected software systems, the software engineering …
Quacky: Quantitative Access Control Permissiveness Analyzer✱
W Eiers, G Sankaran, A Li, E O'Mahony… - Proceedings of the 37th …, 2022 - dl.acm.org
quacky is a tool for quantifying permissiveness of access control policies in the cloud. Given
a policy, quacky translates it into a SMT formula and uses a model counting constraint solver …
a policy, quacky translates it into a SMT formula and uses a model counting constraint solver …
Quantitative Policy Repair for Access Control on the Cloud
With the growing prevalence of cloud computing, providing secure access to information
stored in the cloud has become a critical problem. Due to the complexity of access control …
stored in the cloud has become a critical problem. Due to the complexity of access control …
Probabilistic Access Policies with Automated Reasoning Support
S Zhu, Y Zhang - International Conference on Computer Aided …, 2024 - Springer
Existing access policy languages like Cedar equipped with SMT-based automated
reasoning capabilities are effective in providing formal guarantees about the policies …
reasoning capabilities are effective in providing formal guarantees about the policies …
Ambit: Verification of Azure RBAC
M Kuprešanin, P Subotić - Proceedings of the 2023 on Cloud Computing …, 2023 - dl.acm.org
In this paper, we present an access control verification approach for Role-Based Access
Control (RBAC) mechanisms. Given a specification that models security boundaries (eg …
Control (RBAC) mechanisms. Given a specification that models security boundaries (eg …
Interactive Greybox Penetration Testing for Cloud Access Control using IAM Modeling and Deep Reinforcement Learning
Identity and Access Management (IAM) is an access control service in cloud platforms. To
securely manage cloud resources, customers are required to configure IAM to specify the …
securely manage cloud resources, customers are required to configure IAM to specify the …
CloudSec: An Extensible Automated Reasoning Framework for Cloud Security Policies
J Stubbs, S Padhy, R Cardone, S Black - International Conference on …, 2024 - Springer
Users increasingly create, manage and share digital resources, including sensitive data, via
cloud platforms and APIs. Platforms encode the rules governing access to these resources …
cloud platforms and APIs. Platforms encode the rules governing access to these resources …