This program is tentative and subject to change.
With the diversification of cloud services, cloud providers offer flexible access control by letting users apply fine-grained cloud access control policies to secure their cloud resources. However, flexibility comes with the cost that configuring cloud access control policies is error-prone. Therefore, cloud providers have developed SMT-based tools to formally analyze the user-defined policies. Unfortunately, we find these analyzers slow, due to the complex \emph{regular expression matching} conditions in policies. To this end, this paper introduces RELIA, a general method to speed up the analysis of cloud access control policies. The key idea of RELIA is to pre-compute a set of \emph{String Equivalence Classes (SECs)} based on the regular expressions in a policy, assign a unique integer to each SEC, and rewrite the regular constraints into equivalent integer constraints, which are easier to solve. We implement RELIA as a transparent layer between our in-house access analyzer and off-the-shelf SMT solvers. Based on real policies from a large public cloud provider, we show that: when enabling RELIA, our in-house portfolio solver (consisting of Z3, CVC4, and CVC5) can speed up the analysis process for nearly 95% of all cases, with an average speedup of $8.21\times$. (2) for 95.0% of cases, RELIA can speed up the portfolio solver.
This program is tentative and subject to change.
Tue 18 NovDisplayed time zone: Seoul change
11:00 - 12:30 | |||
11:00 10mTalk | SMTgazer: Learning to Schedule SMT Algorithms via Bayesian Optimization Research Papers Chuan Luo Beihang University, Shaoke Cui Beihang University, Jianping Song Beihang University, Xindi Zhang State Key Laboratory of Computer Science, Institute of Software, Chinese Academy of Sciences, China, Wei Wu Central South University; Xiangjiang Laboratory, Chanjuan Liu Dalian University of Technology, Shaowei Cai Institute of Software at Chinese Academy of Sciences, Chunming Hu Beihang University | ||
11:10 10mTalk | Efficient and Verifiable Proof Logging for MaxSAT Solving Research Papers | ||
11:20 10mTalk | Destabilizing Neurons to Generate Challenging Neural Network Verification Benchmarks Research Papers | ||
11:30 10mTalk | RELIA: Accelerating Analysis of Cloud Access Control Policies Research Papers Dan Wang Xi'an Jiaotong University, Peng Zhang Xi'an Jiaotong University, Zhenrong Gu Xi'an Jiaotong University, Weibo Lin Huawei Cloud, Shibiao Jiang Huawei Cloud, Zhu He Huawei Cloud, Xu Du Huawei Cloud, Longfei Chen Huawei Cloud, Jun Li Huawei, Xiaohong Guan Xi'an Jiaotong University | ||
11:40 10mTalk | Evolution-Aware Heuristics for GR(1) Realizability Checking Research Papers Dor Ma'ayan Tel Aviv University, Shahar Maoz Tel Aviv University, Jan Oliver Ringert Bauhaus-University Weimar | ||
11:50 10mTalk | Programmers’ Visual Attention on Function Call Graphs During Code Summarization Research Papers Samantha McLoughlin Vanderbilt University, Zachary Karas Vanderbilt University, Robert Wallace University of Notre Dame, Aakash Bansal Louisiana State University, Collin McMillan University of Notre Dame, Yu Huang Vanderbilt University | ||
12:00 10mTalk | LLM-Assisted Synthesis of High-Assurance C Programs Research Papers Prasita Mukherjee Purdue University, Minghai Lu Purdue University, Benjamin Delaware Purdue University Pre-print | ||
12:10 10mTalk | Faster Runtime Verification during Testing via Feedback-Guided Selective Monitoring Research Papers Shinhae Kim Cornell University, Saikat Dutta Cornell University, Owolabi Legunsen Cornell University | ||
12:20 10mTalk | Uncovering Discrimination Clusters: Quantifying and Explaining Systematic Fairness Violations Research Papers Ranit Debnath Akash University of Illinois Chicago, Ashish Kumar Pennsylvania State University, Verya Monjezi University of Texas at El Paso, Ashutosh Trivedi University of Colorado Boulder, Gang (Gary) Tan Pennsylvania State University, Saeid Tizpaz-Niari University of Illinois Chicago | ||