A Survey of Access Control Misconfiguration Detection Techniques
Access control mechanisms have been adopted in many real-world systems to control resource sharing for the principals in the system. An error in the access control policy (misconfiguration) can easily cause severe data leakage and system exploitation. Researchers have developed several methodologies to detect the access control misconfigurations through data mining, testing, and verification for various applications. This survey will study the line of works to detect access control misconfigurations and discuss some future research directions.
READ FULL TEXT