Visually Identifying Potential Sensitive Information Leaks in Access-Controlled Data Services
We present a visual-inspection methodology based on formal concept analysis that helps developers check that an access-control model releases only the needed parts of sensitive information to authorized users. The first step annotates the to-be-exposed data with a domain-specific ontology whose elements carry sensitivity attributes at the meta-level. In the role-creation step, each role is assigned privileges in the form of queries that access different parts of the to-be-exposed data. The resulting roles, each with its set of queries, are represented as a roles-permissions matrix and transformed into a concept lattice; the lattice can then be analyzed and inspected for deficiencies in the access-control model, using the sensitivity levels attached to the data parts. We hypothesize that visualizing concept lattices is useful when creating access-control models for data access, so that unauthorized access to sensitive and private information is curtailed.
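To make the pipeline concrete, the following Python is an added example and not code from the paper: it builds a small roles-permissions matrix, derives every formal concept of that context with the standard derivation operators of formal concept analysis, tags each concept with the highest sensitivity level in its intent, and runs two inspections that a concept lattice makes visible. The roles, data elements and sensitivity levels are constructed here for illustration; the function names are assumptions of this example.

```python
"""Formal concept analysis over a roles-permissions matrix with sensitivity tags.

Added example (not the paper's code). Objects are roles, attributes are the data
elements their queries touch, and each element carries a sensitivity level.
"""
from itertools import combinations

# Constructed sample: sensitivity per data element (0 = public, 1 = internal,
# 2 = restricted) and the roles-permissions matrix in row form.
SENSITIVITY = {"name": 0, "email": 1, "address": 1, "billing": 1, "ssn": 2, "diagnosis": 2}
ROLE_PERMISSIONS = {
    "receptionist":  {"name", "email", "address"},
    "nurse":         {"name", "diagnosis"},
    "physician":     {"name", "email", "diagnosis", "ssn"},
    "billing_clerk": {"name", "address", "billing", "ssn"},
    "auditor":       {"name", "email", "address", "billing", "ssn", "diagnosis"},
}


def all_attributes(ctx):
    """Every data element that appears in some role's permissions."""
    return frozenset().union(*ctx.values())


def extent(attrs, ctx):
    """Derivation B': roles whose permissions include every attribute in attrs."""
    return frozenset(r for r, perms in ctx.items() if attrs <= perms)


def intent(roles, ctx):
    """Derivation A': attributes held by every role in roles (empty set -> all attributes)."""
    if not roles:
        return all_attributes(ctx)
    return frozenset.intersection(*(frozenset(ctx[r]) for r in roles))


def concepts(ctx):
    """All formal concepts (extent, intent), found by closing every attribute subset.

    Exponential in the attribute count; adequate for a handful of data elements,
    use NextClosure or an FCA library for large contexts.
    """
    attrs = sorted(all_attributes(ctx))
    found = set()
    for k in range(len(attrs) + 1):
        for subset in combinations(attrs, k):
            ext = extent(frozenset(subset), ctx)
            found.add((ext, intent(ext, ctx)))
    # Largest extents first: the top of the lattice is what every role can reach.
    return sorted(found, key=lambda c: (-len(c[0]), sorted(c[0])))


def max_sensitivity(attrs, sensitivity):
    """Highest sensitivity level among a concept's attributes."""
    return max((sensitivity[a] for a in attrs), default=0)


def implied_attributes(attr, ctx):
    """Closure of {attr}: attributes that every role holding attr also holds."""
    return intent(extent(frozenset({attr}), ctx), ctx)


def sensitive_implications(ctx, sensitivity):
    """Inspection 1: elements whose grant, following existing role patterns, always
    comes bundled with a more sensitive element. Returns {attr: more-sensitive attrs}."""
    findings = {}
    for a in all_attributes(ctx):
        worse = {b for b in implied_attributes(a, ctx) if sensitivity[b] > sensitivity[a]}
        if worse:
            findings[a] = worse
    return findings


def exposure_of(attr, ctx):
    """Inspection 2: extent of the attribute concept, i.e. every role that reaches attr."""
    return extent(frozenset({attr}), ctx)


def role_containment(ctx):
    """Pairs (narrow, wide) where wide's permissions strictly contain narrow's:
    the role ordering the lattice makes visible."""
    return sorted((a, b) for a in ctx for b in ctx if a != b and ctx[a] < ctx[b])


if __name__ == "__main__":
    for ext, intn in concepts(ROLE_PERMISSIONS):
        level = max_sensitivity(intn, SENSITIVITY)
        print(f"level {level}: roles={sorted(ext)} -> data={sorted(intn)}")
    print("bundled with more sensitive data:", sensitive_implications(ROLE_PERMISSIONS, SENSITIVITY))
    print("roles reaching ssn:", sorted(exposure_of("ssn", ROLE_PERMISSIONS)))
    print("role containment:", role_containment(ROLE_PERMISSIONS))
```

In the constructed matrix the lattice exposes one pattern worth a second look: every role that reaches `billing` (internal) also reaches `ssn` (restricted), so a new role modelled on the existing billing roles would inherit restricted data without anyone having decided it needs it. Reading the concept list top-down also shows which restricted elements sit in concepts with large extents, which is the lattice-level signal for over-exposure the abstract refers to.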