Reasoning about Access Control in Windows NT

Yongyuth Permpoontanalarp

Logic and Security Laboratory, Department of Computer Engineering

King Mongkut's University of Technology Thonburi, 91 Suksawasd 48, Ratburana, Bangkok 10140 Thailand


Manuscript received March 3, 20001,

Revised May 21, 2001

 

 


Abstract

In this paper, we study a logical methodology for access control in a real-world application, namely Windows NT (NT). In particular, we extend existing logical specifications for access control in order to deal with distributed access control in NT. Then, we propose practical verification properties for analyzing access control configurations in NT. The results obtained show that our logical methodology has several benefits. In particular, our logical specification for NT helps clarify the access control mechanism in NT. Moreover, our reasoning methodology helps system administrators not only to analyze access control configurations, but also to set up an access control configuration that has desirable properties.

 

 

Keywords: Access Control; Tools for Analyzing the Security of Access Control in Operating Systems; Formal Methods for Computer Security
