| LDR | 02891nam a22003373u 4500 | ||
| 001 | 012484887 | ||
| 003 | MiAaHDL | ||
| 005 | 20231111000000.0 | ||
| 006 | m d | ||
| 007 | cr bn ---auaua | ||
| 007 | cr||n||||||||| | ||
| 008 | 090618s2013 miu sb 000 0 eng d | ||
| 035 | ⊔ | ⊔ | ‡a(MiU)990124848870106381 |
| 035 | ⊔ | ⊔ | ‡asdr-miu.990124848870106381 |
| 035 | ⊔ | ⊔ | ‡z(MiU)MIU01000000000000012484887-goog |
| 035 | ⊔ | ⊔ | ‡a(DBlue)diss 99976 |
| 035 | ⊔ | ⊔ | ‡z(MiU)Aleph012484887 |
| 040 | ⊔ | ⊔ | ‡aMiU ‡cMiU |
| 042 | ⊔ | ⊔ | ‡adc |
| 100 | 1 | ⊔ | ‡aNg, Beng Heng. |
| 245 | 1 | 0 | ‡aTowards Least Privilege Principle: Limiting Unintended Accesses in Software Systems ‡h[electronic resource]. |
| 260 | ⊔ | ⊔ | ‡c2013. |
| 502 | ⊔ | ⊔ | ‡aDissertation (Ph.D.)--University of Michigan. |
| 504 | ⊔ | ⊔ | ‡aIncludes bibliographical references. |
| 520 | 3 | ⊔ | ‡aSecondly, access control mechanisms may be ineffective as subject roles change and administrative oversights lead to permission gaps, which should be removed expeditiously. Identifying permission gaps can be hard since another reference point besides granted permissions is often unavailable. DeGap uses access logs to estimate the gaps while using a common logic for various system services. DeGap also recommends configuration changes towards reducing the gaps. Lastly, unintended software code re-use can lead to intellectual property theft and license violations. Determining whether an application uses a library can be difficult. Compiler optimizations, function inlining, and lack of symbols make using syntactic methods a challenge, while pure semantic analysis is slow. Given a library and a set of applications, Expose combines syntactic and semantic analysis to efficiently help identify applications that re-use the library. |
| 520 | 3 | ⊔ | ‡aAdhering to the least privilege principle involves ensuring that only legitimate subjects have access rights to objects. Sometimes, this is hard because of permission irrevocability, changing security requirements, infeasibility of access control mechanisms, and permission creeps. If subjects turn rogue, the accesses can be abused. This thesis examines three scenarios where accesses are commonly abused and lead to security issues, and proposes three systems, SEAL, DeGap, and Expose to detect and, where practical, eliminate unintended accesses. Firstly, we examine abuse of email addresses, whose leakages are irreversible. Also, users can only hope that businesses requiring their email addresses for validating affiliations do not misuse them. SEAL uses semi-private aliases, which permits gradual and selective controls while providing privacy for affiliation validations. |
| 538 | ⊔ | ⊔ | ‡aMode of access: Internet. |
| 650 | ⊔ | 4 | ‡aLeast privilege principle. |
| 650 | ⊔ | 4 | ‡aPermission gap. |
| 650 | ⊔ | 4 | ‡aBinary code re-use. |
| 650 | ⊔ | 4 | ‡aEmail address security. |
| 690 | ⊔ | 4 | ‡aComputer Science & Engineering. |
| 710 | 2 | ⊔ | ‡aUniversity of Michigan. ‡bLibrary. ‡bDeep Blue. |
| 899 | ⊔ | ⊔ | ‡a39015089701315 |
| CID | ⊔ | ⊔ | ‡a012484887 |
| DAT | 0 | ⊔ | ‡a20231111015408.0 ‡b20231111000000.0 |
| DAT | 1 | ⊔ | ‡a20231112060855.0 ‡b2023-11-12T14:56:06Z |
| DAT | 2 | ⊔ | ‡a2019-11-04T19:00:02Z ‡b2015-03-10T20:00:04Z |
| CAT | ⊔ | ⊔ | ‡aSDR-MIU ‡cmiu ‡dALMA ‡lprepare.pl-004-008 |
| FMT | ⊔ | ⊔ | ‡aBK |
| HOL | ⊔ | ⊔ | ‡0sdr-miu.990124848870106381 ‡aMiU ‡bSDR ‡cMIU ‡f012484887 ‡pmdp.39015089701315 ‡sMIU ‡1990124848870106381 |
| 974 | ⊔ | ⊔ | ‡bMIU ‡cMIU ‡d20231112 ‡slit-dlps-dc ‡umdp.39015089701315 ‡y2013 ‡ric ‡qbib ‡tUS bib date1 >= 1930 |