Posted on 2025-05-09, 08:11. Authored by Rukshan I. Athauda, Euijoon Ahn
Configuring optimal access control is a difficult task in today's complex IT environments. Overly restrictive access control leads to frustration among users, while excessive privileges lead to vulnerabilities. Unfortunately, the problem of verifying safety - i.e. no rights can be leaked to an unauthorised principal - for an arbitrary configuration of a general access model is shown to be undecidable. In this paper, a practical methodology and framework are proposed to elicit access control rights stealthily while users perform tasks in a test environment that mimics a real-production environment. To illustrate the feasibility of the framework, a prototype is implemented and presented.
Publisher
No Publisher available.
Language
en, English
College/Research Centre
Faculty of Science and Information Technology
School
School of Design, Communication and Information Technology