Anomaly discovery and resolution in MySQL access control policies

Mohamed Shehab; Saeed Al-Haj; Salil Bhagurkar; Ehab Al-Shaer

doi:10.1007/978-3-642-32597-7_47

Anomaly discovery and resolution in MySQL access control policies

Mohamed Shehab^*
, Saeed Al-Haj
, Salil Bhagurkar
, Ehab Al-Shaer

^*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

3 Scopus citations

Abstract

Managing hierarchical and fine grained DBMS policies for a large number of users is a challenging task and it increases the probability of introducing misconfigurations and anomalies. In this paper, we present a formal approach to discover anomalies in database policies using Binary Decision Diagrams (BDDs) which allow finer grain analysis and scalability. We present and formalize intra-table and inter-table redundancy anomalies using the popular MySQL database server as a case study. We also provide a mechanism for improving the performance of policy evaluation by upgrading rules from one grant table to another grant table. We implemented our proposed approach as a tool called MySQLChecker. The experimental results show the efficiency of MySQLChecker in finding and resolving policy anomalies.

Original language	English
Title of host publication	Database and Expert Systems Applications - 23rd International Conference, DEXA 2012, Proceedings
Publisher	Springer Verlag
Pages	514-522
Number of pages	9
Edition	PART 2
ISBN (Print)	9783642325960
DOIs	https://doi.org/10.1007/978-3-642-32597-7_47
State	Published - 2012
Externally published	Yes
Event	23rd International Conference on Database and Expert Systems Applications, DEXA 2012 - Vienna, Austria Duration: 3 Sep 2012 → 6 Sep 2012

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Number	PART 2
Volume	7447 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	23rd International Conference on Database and Expert Systems Applications, DEXA 2012
Country/Territory	Austria
City	Vienna
Period	3/09/12 → 6/09/12

Keywords

Access Control
Anomaly Detection
Policy
Policy Analysis

ASJC Scopus subject areas

Theoretical Computer Science
General Computer Science

Access to Document

10.1007/978-3-642-32597-7_47

Cite this

Shehab, M., Al-Haj, S., Bhagurkar, S., & Al-Shaer, E. (2012). Anomaly discovery and resolution in MySQL access control policies. In Database and Expert Systems Applications - 23rd International Conference, DEXA 2012, Proceedings (PART 2 ed., pp. 514-522). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 7447 LNCS, No. PART 2). Springer Verlag. https://doi.org/10.1007/978-3-642-32597-7_47

Shehab, Mohamed ; Al-Haj, Saeed ; Bhagurkar, Salil et al. / Anomaly discovery and resolution in MySQL access control policies. Database and Expert Systems Applications - 23rd International Conference, DEXA 2012, Proceedings. PART 2. ed. Springer Verlag, 2012. pp. 514-522 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); PART 2).

@inproceedings{30fbfd5b0d56403d90a9c215ac609890,

title = "Anomaly discovery and resolution in MySQL access control policies",

abstract = "Managing hierarchical and fine grained DBMS policies for a large number of users is a challenging task and it increases the probability of introducing misconfigurations and anomalies. In this paper, we present a formal approach to discover anomalies in database policies using Binary Decision Diagrams (BDDs) which allow finer grain analysis and scalability. We present and formalize intra-table and inter-table redundancy anomalies using the popular MySQL database server as a case study. We also provide a mechanism for improving the performance of policy evaluation by upgrading rules from one grant table to another grant table. We implemented our proposed approach as a tool called MySQLChecker. The experimental results show the efficiency of MySQLChecker in finding and resolving policy anomalies.",

keywords = "Access Control, Anomaly Detection, Policy, Policy Analysis",

author = "Mohamed Shehab and Saeed Al-Haj and Salil Bhagurkar and Ehab Al-Shaer",

year = "2012",

doi = "10.1007/978-3-642-32597-7\_47",

language = "English",

isbn = "9783642325960",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer Verlag",

number = "PART 2",

pages = "514--522",

booktitle = "Database and Expert Systems Applications - 23rd International Conference, DEXA 2012, Proceedings",

address = "Germany",

edition = "PART 2",

note = "23rd International Conference on Database and Expert Systems Applications, DEXA 2012 ; Conference date: 03-09-2012 Through 06-09-2012",

}

Shehab, M, Al-Haj, S, Bhagurkar, S & Al-Shaer, E 2012, Anomaly discovery and resolution in MySQL access control policies. in Database and Expert Systems Applications - 23rd International Conference, DEXA 2012, Proceedings. PART 2 edn, Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), no. PART 2, vol. 7447 LNCS, Springer Verlag, pp. 514-522, 23rd International Conference on Database and Expert Systems Applications, DEXA 2012, Vienna, Austria, 3/09/12. https://doi.org/10.1007/978-3-642-32597-7_47

Anomaly discovery and resolution in MySQL access control policies. / Shehab, Mohamed; Al-Haj, Saeed; Bhagurkar, Salil et al.
Database and Expert Systems Applications - 23rd International Conference, DEXA 2012, Proceedings. PART 2. ed. Springer Verlag, 2012. p. 514-522 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 7447 LNCS, No. PART 2).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Anomaly discovery and resolution in MySQL access control policies

AU - Shehab, Mohamed

AU - Al-Haj, Saeed

AU - Bhagurkar, Salil

AU - Al-Shaer, Ehab

PY - 2012

Y1 - 2012

N2 - Managing hierarchical and fine grained DBMS policies for a large number of users is a challenging task and it increases the probability of introducing misconfigurations and anomalies. In this paper, we present a formal approach to discover anomalies in database policies using Binary Decision Diagrams (BDDs) which allow finer grain analysis and scalability. We present and formalize intra-table and inter-table redundancy anomalies using the popular MySQL database server as a case study. We also provide a mechanism for improving the performance of policy evaluation by upgrading rules from one grant table to another grant table. We implemented our proposed approach as a tool called MySQLChecker. The experimental results show the efficiency of MySQLChecker in finding and resolving policy anomalies.

AB - Managing hierarchical and fine grained DBMS policies for a large number of users is a challenging task and it increases the probability of introducing misconfigurations and anomalies. In this paper, we present a formal approach to discover anomalies in database policies using Binary Decision Diagrams (BDDs) which allow finer grain analysis and scalability. We present and formalize intra-table and inter-table redundancy anomalies using the popular MySQL database server as a case study. We also provide a mechanism for improving the performance of policy evaluation by upgrading rules from one grant table to another grant table. We implemented our proposed approach as a tool called MySQLChecker. The experimental results show the efficiency of MySQLChecker in finding and resolving policy anomalies.

KW - Access Control

KW - Anomaly Detection

KW - Policy

KW - Policy Analysis

UR - https://www.scopus.com/pages/publications/84866049103

U2 - 10.1007/978-3-642-32597-7_47

DO - 10.1007/978-3-642-32597-7_47

M3 - Conference contribution

AN - SCOPUS:84866049103

SN - 9783642325960

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 514

EP - 522

BT - Database and Expert Systems Applications - 23rd International Conference, DEXA 2012, Proceedings

PB - Springer Verlag

T2 - 23rd International Conference on Database and Expert Systems Applications, DEXA 2012

Y2 - 3 September 2012 through 6 September 2012

ER -

Shehab M, Al-Haj S, Bhagurkar S, Al-Shaer E. Anomaly discovery and resolution in MySQL access control policies. In Database and Expert Systems Applications - 23rd International Conference, DEXA 2012, Proceedings. PART 2 ed. Springer Verlag. 2012. p. 514-522. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); PART 2). doi: 10.1007/978-3-642-32597-7_47

Anomaly discovery and resolution in MySQL access control policies

Abstract

Publication series

Conference

Keywords

ASJC Scopus subject areas

Access to Document

Fingerprint

Cite this