Putting the User in Usable Verification Kathi Fisler, WPI Joint work with Shriram Krishnamurthi.

Slides:

Advertisements

Similar presentations

1 1 Finding the Dark Cloud: Static Analysis of Cloud Configurations Shriram Krishnamurthi Brown University.

Advertisements

Operating System Security

Temporal-Logic Constraints in Feature-Oriented Verification Kathi Fisler (WPI) joint work with Shriram Krishnamurthi (Brown) Colin Blundell (Brown; now.

Guide to MCSE , Enhanced 1 Activity 14-1: Browsing Security Templates Objective: To become familiar with built-in security templates Start  Run.

Margrave: XACML Verification and Change-Impact Analysis Kathi Fisler, WPI Shriram Krishnamurthi, Brown Leo Meyerovich, Brown Michael Carl Tschantz, Brown.

11 P OLICY A NALYSIS U SING M ARGRAVE Shriram Krishnamurthi Brown University.

Re-Thinking Product Line Verification as a Constraints Problem Kathi Fisler (WPI) Shriram Krishnamurthi (Brown) Brown undergraduate collaborators: Harry.

An Approach to Evaluate Data Trustworthiness Based on Data Provenance Department of Computer Science Purdue University.

Cura EMR Data Collection Solution Presenters: Meghan McNeil (Project Manager) Michael Cybulski (Customer Liaison) Robert Victoria (Project Facilitator)

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 9: Implementing and Using Group Policy.

1 Configuring Web services (Week 15, Monday 4/17/2006) © Abdou Illia, Spring 2006.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Chapter 2 Access Control Fundamentals. Chapter Overview Protection Systems Mandatory Protection Systems Reference Monitors Definition of a Secure Operating.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 9: Implementing and Using Group Policy.

Implementing An Extensible Role-Based Security Module in a Java Web Development Framework Joe Hesse Technology Director, UCSF Memory and Aging Center Dept.

Guide to MCSE , Enhanced 1 Activity 9-1: Creating a Group Policy Object Using the MMC Objective: To create a GPO using the Group Policy Object Editor.

Combining KMIP and XACML. What is XACML? XML language for access control Coarse or fine-grained Extremely powerful evaluation logic Ability to use any.

Methodology and Tools for End-to-End SOA Configurations By: Fumiko satoh, Yuichi nakamura, Nirmal K. Mukhi, Michiaki Tatsubori, Kouichi ono.

Cyber Patriot Training

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 9: Implementing and Using Group Policy.

1 NEW Integrated Effort Management Tool. Intranet Users  Internet Users 

1 Chapter 20: Firewalls Fourth Edition by William Stallings Lecture slides by Lawrie Brown(modified by Prof. M. Singhal, U of Kentucky)

INFSOM-RI Training: Browsing and Editing with Web Tools Paolo Fabriani, Engineering Ingegneria Informatica S.p.A. (Italy) ETICS.

Module 9 Authenticating and Authorizing Users. Module Overview Authenticating Connections to SQL Server Authorizing Logins to Access Databases Authorization.

Author: Graham Hughes, Tevfik Bultan Computer Science Department, University of California, Santa Barbara, CA 93106, USA Source: International Journal.

In-Band Access Control Framework Group Name: WG4 SEC Source: Qualcomm Meeting Date: Agenda Item:

Access Control for Federation of Emulab-based Network Testbeds Ted Faber, John Wroclawski 28 July 2008

Model Checking and Model-Based Design Bruce H. Krogh Carnegie Mellon University.

1 Specifying and Reasoning about Dynamic Access-Control Policies Daniel J. Dougherty, Kathi Fisler, and Shriram Krishnamurthi Mouiad A. Hani Presented.

Computer Science Systematic Testing and Verification of Security Policies Tao Xie Department of Computer Science North Carolina State University

Computer Science 1 Mining Likely Properties of Access Control Policies via Association Rule Mining JeeHyun Hwang 1, Tao Xie 1, Vincent Hu 2 and Mine Altunay.

Computer Science Conformance Checking of Access Control Policies Specified in XACML Vincent C. Hu (National Institute of Standards and Technology) Evan.

Access Control Policy Tool (ACPT) Ensure the safety and flexibility in composing access control policies Current features: Allows policy authors to conveniently.

Guide to MCSE , Enhanced 1 Activity 3-1: Reviewing User Account Properties Objective is to review properties of user accounts through main tabs of.

MA194Using WindowsNT1 Topics for the day… WindowsNT Security WindowsNT File System (NTFS) Viewing/Setting Document and Folder Permissions Access Control.

NetTech Solutions Security and Security Permissions Lesson Nine.

1 Access Control Policies: Modeling and Validation Luigi Logrippo & Mahdi Mankai Université du Québec en Outaouais.

Legal and copyright issues: experiences and advice Morag Greig.

XACML Showcase RSA Conference What is XACML? n XML language for access control n Coarse or fine-grained n Extremely powerful evaluation logic n.

4.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 12: Implementing Security.

10.1 © 2004 Pearson Education, Inc. Lesson 10: Specifying Group Policy Settings Exam Microsoft® Windows® 2000 Directory Services Infrastructure.

1 DAFFODIL Effective Support for Using Digital Libraries Norbert Fuhr University of Duisburg-Essen, Germany.

PREPARED BY: MS. ANGELA R.ICO & MS. AILEEN E. QUITNO (MSE-COE) COURSE TITLE: OPERATING SYSTEM PROF. GISELA MAY A. ALBANO PREPARED BY: MS. ANGELA R.ICO.

Unlocking the Dynamics AX 2012 Security Model

19 Copyright © 2008, Oracle. All rights reserved. Security.

BIS 303 Week 3 Individual Assignment Hospitality Information Systems and Users Paper Check this A+ tutorial guideline at

BIS 318 Week 2 Individual Assignment Effectiveness of Technology Paper Write a 750- to 1,000-word paper in which you explore how technology has improved.

BSA 411 Week 5 Team Assignment Business System Analysis Methodology Plan Paper and Presentation Learning Team Business System Analysis Methodology Plan.

2V0-731 Dumps PDF VMware Certified Professional 7 - Cloud Management and Automation

Shriram Krishnamurthi Brown University

ACCUPLACER Alabama System Reports Training

Cite Your Sources True or false quiz

Chapter 18 Maintaining Information Systems

Research topics: Mira Balaban

Consistent URIs For Compliance Checking (1)

Proposed AD groups for TFS Users

Administration GUI for the Authorization Manager

Auto-Assign Led by Bethany Boyle & Dave Kritz

Assignment Help to Explore Importance of Management Principles for an Organization

Computer Security Hybrid Policies

Lesson #7 MCTS Cert Guide Microsoft Windows 7, Configuring Chapter 7 Configuring Devices and Updates.

Epilepsy12 Data platform user profile types

Learning Management System. Modules Admin Portal Roles Permission Policy Users Trainings Courses Badges Reports Calendar Notification Learner Portal Courses.

Administration Module

A CAD to Aras PLM connector solution

A CAD to Aras PLM connector solution

Chapter 8: Security Policy

Access Control What’s New?

Computer Security Hybrid Policies

Presentation transcript:

Putting the User in Usable Verification Kathi Fisler, WPI Joint work with Shriram Krishnamurthi

System  Properties  true or counter-eg Template Patterns More Domains GUI-based Tools Use English Better Scalability What is Usable Verification?

3 3

Access-Control Policies request decision Developer Patient During the review phase, a reviewer r may submit a review for paper p if r is assigned to review p During the meeting phase, a reviewer r can read the scores for paper p if r has submitted a review for p SocNetwork User PC-Chair

Policy Verification System  Properties  true or counter-eg Assigned reviewers can submit reviews During the review phase, a reviewer r may submit a review for paper p if r is assigned to review p During the meeting phase, a reviewer r can read the scores for paper p if r has submitted a review for p

Policy Verification (EnvModel  System)  Properties  true or counter-eg During the review phase, a reviewer r may submit a review for paper p if r is assigned to review p During the meeting phase, a reviewer r can read the scores for paper p if r has submitted a review for p  Assigned reviewers can submit reviews

What effect did this edit have? Transfer confidence During the review phase, a reviewer r may submit a review for paper p if r is assigned to review p During the meeting phase, a reviewer r can read the scores for paper p if r has submitted a review for p During the review phase, a reviewer r may submit a review for paper p if r is not conflicted with p During the meeting phase, a reviewer r can read the scores for paper p if r has submitted a review for p Artifact  Ground-truth artifact  Difference assigned(r,p), conflicted(r,p),... difference: permit vs deny

8 Configuration checking Upgrade checkingUpgrade exploring Mutation testing Refactoring testing = ? “What if” questions

Those I trust more should have more permissions Others must find our settings reasonable The reviewing process needs to run smoothly People triangulate decisions against personal, subjective measures During the review phase, a reviewer r may submit a review for paper p if r is assigned to review p During the meeting phase, a reviewer r can read the scores for paper p if r has submitted a review for p

Those I trust more should have more permissions Artifact  Ground-truth artifact  User View  Difference MoreTrusted(chair, reviewer) MoreTrusted(reviewer, author)... MoreTrusted(R1,R2)   (act,res) : Permit(R1,act,res)  Deny(R2,act,res) During the review phase, a reviewer r may submit a review for paper p if r is assigned to review p During the meeting phase, a reviewer r can read the scores for paper p if r has submitted a review for p

System  Properties  true or counter-eg Artifact  Ground-truth artifact  Difference Artifact  Ground-truth artifact  User View  Difference (EnvModel  System)  Properties  true or counter-eg