ABSTRACT
Access Control Policies (ACPs) specify which principals, such as users, have access to which resources. Ensuring the correctness and consistency of ACPs is crucial to prevent security vulnerabilities. However, in practice, ACPs are commonly written in Natural Language (NL) and buried in large documents such as requirements documents, which are not amenable to automated techniques for checking correctness and consistency. It is tedious to manually extract ACPs from these NL documents and to validate NL functional requirements, such as use cases, against ACPs to detect inconsistencies. To address these issues, we propose an approach, called Text2Policy, to automatically extract ACPs from NL software documents and resource-access information from NL scenario-based functional requirements. We conducted three evaluations on the collected ACP sentences from publicly available sources along with use cases from both open source and proprietary projects. The results show that Text2Policy effectively identifies ACP sentences with a precision of 88.7% and a recall of 89.4%, extracts ACP rules with an accuracy of 86.3%, and extracts action steps with an accuracy of 81.9%.
Index Terms
Automated extraction of security policies from natural-language software documents