Registered user since Thu 21 Apr 2022
Contributions
View general profile
Registered user since Thu 21 Apr 2022
Contributions
Tool Demonstrations
Tue 11 Oct 2022 10:00 - 10:30 at Ballroom A - Tool Poster Session 1This paper presents Quacky, a tool for quantifying permissiveness of access control policies in the cloud. Given a policy, Quacky translates it into a SMT formula and uses a model counting constraint solver to quantify permissiveness. When given multiple policies, Quacky not only determines which policy is more permissive, but also quantifies the relative permissiveness between the policies. With Quacky, users can automatically analyze complex policies, helping them ensure that there is no unintended access to their data. Quacky supports access control policies written in Amazon’s AWS Identity and Access Management (IAM), Microsoft’s Azure, and Google Cloud Platform (GCP) policy languages. Quacky is open-source and has both a command-line and a web interface. Video URL: \url{https://youtu.be/YsiGOI_SCtg}. The Quacky tool and benchmarks are available at \url{https://github.com/vlab-cs-ucsb/quacky}