Candidate: Nahid Shaneabbas Juma
Title: Forensic Analysis in Access Control
Date: June 27, 2018
Time: 11:00 AM
Place: EIT 3145
Supervisor(s): Tripunitara, Mahesh
Abstract:
In this work, we address forensic analysis in access control systems. This problem is the counterpart of the safety analysis problem addressed in prior work, in which questions are asked about the future states of an access control system. In forensics, questions are asked about the past states of a system. We pose the problem precisely and investigate its computational complexity in the context of three access control models namely HRU, RBAC and Graham-Denning. One may recognize that if we maintain comprehensive logs of the past states of a system, then answering questions about past states involves merely scrutinizing those logs. However, in practice, logs can quickly explode in size. We introduce the notion of goal-directed logging whereby the logging requirements are determined by the goals of the forensic analysis. We investigate and compare the sizes of necessary logs for different forensic analysis goals for the three access control models. Ongoing work involves exploring forensic analysis in the context of a practical system, namely AWS S3.