Improving Logging to Reduce Permission Over-Granting Mistakes
Offered By: USENIX via YouTube
Course Description
Overview
Explore a conference talk from USENIX Security '23 that addresses the critical issue of permission over-granting mistakes in access control configurations. Learn about SECLOG, an innovative tool designed to improve logging practices and help system administrators correctly understand and resolve access-deny issues without compromising security. Discover the findings from an observational study on current access-deny logging practices in server software, and understand how SECLOG uses static analysis to automatically identify missing log locations and relevant diagnostic information. Examine the tool's effectiveness across ten widely deployed server applications, including its impact on reducing insecure fixes and improving diagnosis time. Gain insights into the importance of informative logging in maintaining robust access control and preventing potential security vulnerabilities.
Syllabus
USENIX Security '23 - Improving Logging to Reduce Permission Over-Granting Mistakes
Taught by
USENIX
Related Courses
Cybersecurity and Its Ten DomainsUniversity System of Georgia via Coursera Bases de données relationnelles : Comprendre pour maîtriser
Inria (French Institute for Research in Computer Science and Automation) via France Université Numerique Desarrollo de Aplicaciones Web: Seguridad
University of New Mexico via Coursera Web Application Development: Security
University of New Mexico via Coursera Computing, Storage and Security with Google Cloud Platform
Google via Coursera