Access Control Policy Analysis and Visualization Tools for Security Professionals


Managing large sets of access-control rules is a complex task for security administrators. Each addition, deletion or modification of a rule causes many potential and unknown side effects ranging from rule conflicts to security breaches. Security researchers have attempted to alleviate this problem by proposing algorithms and tools which analyze lists of rules and provide administrators with the information they need to better manage their rules. Unfortunately few of these analysis tools connect a policy problem and the source of the problem clearly. In this work we discuss an interface that visualizes the output of policy analysis and the source of the output in terms of the rule list and shows administrators the effect of their changes.

In Workshop on Usable IT Security Management (USM ‘08)