04/11/2015 – Talk by Enrico Steffinlongo

Title:  Static Detection of Collusion Attacks in ARBAC-based Workflow Systems
Time: 13:00
Location: Meeting Room, building Zeta
Type: Research result
Speaker: Enrico Steffinlongo
Abstract: Authorization in workflow systems is usually built on top of role-based access control (RBAC); security policies on workflows are then expressed as constraints on the users performing a set of tasks and the roles assigned to them. When the user-to-role assignment can be changed by potentially untrusted users, like in the case of Administrative RBAC (ARBAC), collusions may take place to circumvent the intended security policies. In this paper, we study this problem in a formal model of workflows based on event structures and we define a precise notion of security against collusion. We then propose a static analysis technique based on a reduction to a role reachability problem for ARBAC, which can be used to prove or disprove security for restricted – yet useful – classes of workflow systems. Finally, we implement our analysis in a tool, WARBAC, and we experimentally show its effectiveness on a set of publicly available examples.