Semantic-based Automated Reasoning for AWS Access Policies using SMT | IEEE Conference Publication | IEEE Xplore
Subscribe
ADVANCED SEARCH
Conferences >2018 Formal Methods in Comput...

Semantic-based Automated Reasoning for AWS Access Policies using SMT

PDF
John Backes; Pauline Bolignano; Byron Cook; Catherine Dodge; Andrew Gacek; Kasper Luckow
All Authors

Abstract:

Cloud computing provides on-demand access to IT resources via the Internet. Permissions for these resources are defined by expressive access control policies. This paper ...Show More

Metadata

Abstract:

Cloud computing provides on-demand access to IT resources via the Internet. Permissions for these resources are defined by expressive access control policies. This paper presents a formalization of the Amazon Web Services (AWS) policy language and a corresponding analysis tool, called ZELKOVA, for verifying policy properties. ZELKOVA encodes the semantics of policies into SMT, compares behaviors, and verifies properties. It provides users a sound mechanism to detect misconfigurations of their policies. ZELKOVA solves a PSPACE-complete problem and is invoked many millions of times daily.
Published in: 2018 Formal Methods in Computer Aided Design (FMCAD)
Date of Conference: 30 October 2018 - 02 November 2018
Date Added to IEEE Xplore: 06 January 2019
ISBN Information:
DOI: 10.23919/FMCAD.2018.8602994
Conference Location: Austin, TX, USA
Contents
Contact IEEE to Subscribe

References

References is not available for this document.

IEEE Account

Purchase Details

Profile Information

Need Help?

A not-for-profit organization, IEEE is the world's largest technical professional organization dedicated to advancing technology for the benefit of humanity.
© Copyright 2025 IEEE - All rights reserved. Use of this web site signifies your agreement to the terms and conditions.