Uncovering access control weaknesses and flaws with security-discordant software clones.
François GauthierThierry LavoieEttore MerloPublished in: ACSAC (2013)
Keyphrases
- access control
- security policies
- software systems
- data security
- fine grained
- dynamic access control
- security requirements
- source code
- high assurance
- security mechanisms
- identity management
- role based access control
- security model
- software development
- security enforcement
- access control mechanism
- protection schemes
- access control policies
- database security
- security architecture
- access control systems
- access control models
- role assignment
- rbac model
- software architecture
- software engineering
- policy enforcement
- usage control
- computer systems
- unauthorized access
- role based access control model
- data protection