| Presentation | 2005-11-15 An Information Leakage Risk Evaluation Method Based on Security Configuration Validation Hiroshi SAKAKI, Kazuo YANOO, Ryuichi OGAWA, Itaru HOSOMI, |
|---|---|
| PDF Download Page |  PDF download Page Link |
| Abstract(in Japanese) | (See Japanese page) |
| Abstract(in English) | Various kinds of access control mechanisms are employed in Today's computer systems to protect confidential information. Since a limited number of administrators have to take care of the system configuration maintenance, vulnerabilities due to configuration error can be a critical issue. In this paper, we propose a configuration verification method that can handle parameters of two of major access control mechanisms-file access control and network packet filtering. This method can verify whether the system is configured to suffice access policies defined by system administrators. We confirmed that the proposed verification method can discover configuration errors of web servers by the development and its experimental use. |
| Keyword(in Japanese) | (See Japanese page) |
| Keyword(in English) | configuration errors / verification / packet filtering / file access control |
| Paper # | ISEC2005-100,OIS2005-63 |
| Date of Issue |
| Conference Information | |
| Committee | ISEC |
|---|---|
| Conference Date | 2005/11/8(1days) |
| Place (in Japanese) | (See Japanese page) |
| Place (in English) | |
| Topics (in Japanese) | (See Japanese page) |
| Topics (in English) | |
| Chair | |
| Vice Chair | |
| Secretary | |
| Assistant | |
| Paper Information | |
| Registration To | Information Security (ISEC) |
|---|---|
| Language | JPN |
| Title (in Japanese) | (See Japanese page) |
| Sub Title (in Japanese) | (See Japanese page) |
| Title (in English) | An Information Leakage Risk Evaluation Method Based on Security Configuration Validation |
| Sub Title (in English) | |
| Keyword(1) | configuration errors |
| Keyword(2) | verification |
| Keyword(3) | packet filtering |
| Keyword(4) | file access control |
| 1st Author's Name | Hiroshi SAKAKI |
| 1st Author's Affiliation | Internet Systems Research Laboratories, NEC Corporation() |
| 2nd Author's Name | Kazuo YANOO |
| 2nd Author's Affiliation | Internet Systems Research Laboratories, NEC Corporation |
| 3rd Author's Name | Ryuichi OGAWA |
| 3rd Author's Affiliation | Internet Systems Research Laboratories, NEC Corporation |
| 4th Author's Name | Itaru HOSOMI |
| 4th Author's Affiliation | Internet Systems Research Laboratories, NEC Corporation |
| Date | 2005-11-15 |
| Paper # | ISEC2005-100,OIS2005-63 |
| Volume (vol) | vol.105 |
| Number (no) | 396 |
| Page | pp.pp.- |
| #Pages | 8 |
| Date of Issue | |