Baaz: A System for Detecting Access Control Misconfigurations

Maintaining correct access control to shared resources such as file servers, wikis, and databases is an important part of enterprise network management. A combination of many factors, including high rates of churn in organizational roles, policy changes, and dynamic information sharing scenarios, can trigger frequent updates to user permissions, leading to potential inconsistencies. With Baaz, the authors present a distributed system that monitors updates to access control metadata, analyzes this information to alert administrators about potential security and accessibility issues, and recommends suitable changes.

Provided by: Microsoft Corporation Topic: Security Date Added: Jun 2010 Format: PDF

Download Now

Find By Topic