Subprime oil: Deflation of the

Access Control in Operating Systems

Cover imageAccess control mechanisms (ACMs) have been widely used by operating systems (OSes) to protect information security. However, it is often challenging to evaluate and compare the quality of protection (QoP) of ACMs, especially when they are deployed on different OS platforms. This article presents an approach to quantitatively measure and compare the quality of ACMs, which provides useful information to support OS administrators and users to choose ACMs that fit with their security needs.

We introduce the notion of vulnerability profiles to capture the weakness of ACMs in protecting against malicious attacks, based on which vulnerability coefficients are computed as the numeric and platform-independent measurement of the QoP of ACMs. The approach combines the grey system theory and an independent vulnerability scoring system to infer complete vulnerability profiles and to calculate fair and objective vulnerability coefficients for ACMs. We implement a prototype called ACVAL based on the approach, and apply it to four mainstream ACMs. The results show that ACVAL is effective in evaluating and comparing ACMs across different OSes, a feature particularly useful to administrators of heterogeneous IT systems. To the best of our knowledge, our approach is the first to quantitative measurement and comparison of ACMs across OSes.


  • Security measurement;
  • Vulnerability profile;
  • Attack surface;
  • Access control;
  • Operating system;
  • Logic programming

Copyright © 2014 Elsevier Ltd. All rights reserved.

Dr. Liang Cheng received his PhD in Information Security at the University of Science and Technology of China in 2009. His PhD focused on the verification of access control in secure operating systems. He contributed to several NFSC programs for verification of access control policies and the evaluation of their quality of protection. He is now Associate Professor at the Institute of Software, Chinese Academy of Sciences. Since 2010, he has been working on flaw detection and assessment of access control configurations and program codes in IT systems.

Share this article

Related Posts

S2 Access Control Systems
S2 Access Control Systems

Latest Posts
Definition of stability in control system
Definition of…
Pros : Keeps cars on the road that would…
How to control your nervous system?
How to control…
Stress is an epidemic. It is one of the…
Insulin Pump control system
Insulin Pump…
1 The Bolus Wizard calculator does not…
Swipe Card Access Control Systems
Swipe Card Access…
Traditional swipe card access control…
Access Control System Diagram
Access Control…
IP Door Access Control Systems are easy…
Featured posts
  • Access control Management System
  • Access Control door Entry Systems
  • S2 Access Control Systems
  • Access Control System Diagram
  • Access Control Systems Manufacturers
  • Lenel Access Control Systems
  • Hotel Access Control System
  • CCTV and Access Control Systems
  • Barcode Access Control System
Copyright © 2019 l All rights reserved.