AVTAC : A Framework for Automatic Auditing of Access Control in Windows and Linux Systems

摘要

Access control validation (also called conformity or compliance) consists in verifying at a regular basis whether the implemented access control rules are consistent and complete with respect to a given security policy or not. The compliance of some critical accesses needs to be monthly confirmed while other less critical assesses might me yearly analyzed. The result of the analysis is a detailed report that could be shown to an inspector. All important security referentials such as ISO 27001, COBIT, NIST 800-53 and HIPA recommend that conformity analysis should be done at regular intervals. For a small company, it would be possible to manually validate the access control policy. However for companies with thousands of employees, we need the help of automatic tools to accomplish this task. This paper introduces AVTAR (Automatic Validation Tool of Access Control) which is a framework that can automatically extract access control policies in Windows and Linux operating systems in order to analyze them.