Subprime oil: Deflation of the

Access Control in Operating Systems

Cover imageAccess control mechanisms (ACMs) have been widely used by operating systems (OSes) to protect information security. However, it is often challenging to evaluate and compare the quality of protection (QoP) of ACMs, especially when they are deployed on different OS platforms. This article presents an approach to quantitatively measure and compare the quality of ACMs, which provides useful information to support OS administrators and users to choose ACMs that fit with their security needs.

We introduce the notion of vulnerability profiles to capture the weakness of ACMs in protecting against malicious attacks, based on which vulnerability coefficients are computed as the numeric and platform-independent measurement of the QoP of ACMs. The approach combines the grey system theory and an independent vulnerability scoring system to infer complete vulnerability profiles and to calculate fair and objective vulnerability coefficients for ACMs. We implement a prototype called ACVAL based on the approach, and apply it to four mainstream ACMs. The results show that ACVAL is effective in evaluating and comparing ACMs across different OSes, a feature particularly useful to administrators of heterogeneous IT systems. To the best of our knowledge, our approach is the first to quantitative measurement and comparison of ACMs across OSes.


  • Security measurement;
  • Vulnerability profile;
  • Attack surface;
  • Access control;
  • Operating system;
  • Logic programming

Copyright © 2014 Elsevier Ltd. All rights reserved.

Dr. Liang Cheng received his PhD in Information Security at the University of Science and Technology of China in 2009. His PhD focused on the verification of access control in secure operating systems. He contributed to several NFSC programs for verification of access control policies and the evaluation of their quality of protection. He is now Associate Professor at the Institute of Software, Chinese Academy of Sciences. Since 2010, he has been working on flaw detection and assessment of access control configurations and program codes in IT systems.

Share this article

Related Posts

Latest Posts
System Controls Technology Solutions Pvt Ltd
System Controls…
Bosch Chassis Systems India Pvt. Ltd…
Sequential control definition
Sequential control…
Summary: In interface design favor direct…
Solar system controller
Solar system…
What follows is a summary of our white…
Types of Electrical control Systems
Types of Electrical…
Before I introduce you the theory of…
Adaptive Cruise control Systems
Adaptive Cruise…
Two companies are developing a more advanced…
Featured posts
  • Access control Management System
  • Access Control door Entry Systems
  • Access Control Security Systems
  • Access Control Systems
  • Access Control Security Systems PDF
  • S2 Access Control Systems
  • Access Control System Diagram
  • Access Control Systems prices
  • Access Control Systems London
Copyright © 2024 l All rights reserved.