Araştırma Makalesi

An Inverse Approach to Windows' Resource-Based Permission Mechanism for Access Permission Vulnerability Detection

Cilt: 5 Sayı: 2 18 Temmuz 2022
Osmaniye Korkut Ata Üniversitesi Fen Bilimleri Enstitüsü Dergisi Kapak
Osmaniye Korkut Ata Üniversitesi Fen Bilimleri Enstitüsü Dergisi
PDF İndir
TR EN

An Inverse Approach to Windows' Resource-Based Permission Mechanism for Access Permission Vulnerability Detection

Abstract

In organizations, employees work with information stored in files according to their duties and responsibilities. Windows uses resource-based access permissions that any permission for any user has to be set separately per resource. This approach gets complicated as the number of resources and users increase, and causes oversights in assigning permissions. Therefore, a special mechanism is required to scrutinize what permissions any employee has on any set of resources. This requirement is circumvented by reversing the Windows’ approach in terms of user-accessible resources. This approach is implemented by a program allowing quick and easy examination of any type of permissions granted or denied to active directory users on any folder. In this way, administrators can make sure there is no any missing or overlooked setting that could cause a security vulnerability. This approach can easily be extended to scrutinize other resources, and for other local or active directory objects.

Keywords

Kaynakça

  1. Brown, K. The. NET Developer’s Guide to Windows Security (Microsoft Net Development Series. Addison-Wesley Professional. 2004.
  2. Cone, J. M. ACACLS: A tool for examining and modifying file and directory security on NTFS volumes in a Windows NT environment. California State University, Long Beach, 2003.
  3. Halsey M. Bettany, A. Restoring Files and Folder Security Settings. Windows File System Troubleshooting. Berkeley, CA: Apress 2015.
  4. Internet: “SECURITY_DESCRIPTOR structure, https://docs.microsoft.com/en-us/windows/win32/api/winnt/ns-winnt-security descriptor (Accessed: 28.08.2021).
  5. Internet: DACLs and ACEs, https://docs.microsoft.com/en-us/windows/win32/secauthz/dacls-and-aces (Accessed: 27.08.2021).
  6. Internet: File and Folder Permissions, https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-2000-server/bb727008(v=technet.10)?redirectedfrom=MSDN (Accessed: 24.08.2021).
  7. Internet: File Security and Access Rights, https://docs.microsoft.com/en-us/windows/win32/fileio/file-security-and-access-rights (Accessed: 26.08.2021).
  8. Internet: NTFS Overview, https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/dn466522(v=ws.11) (Accessed: 11.08.2021).

Ayrıntılar

Birincil Dil

İngilizce

Konular

Bilgisayar Yazılımı

Bölüm

Araştırma Makalesi

Yazarlar

Yayımlanma Tarihi

18 Temmuz 2022

Gönderilme Tarihi

8 Aralık 2021

Kabul Tarihi

10 Ocak 2022

Yayımlandığı Sayı

Yıl 2022 Cilt: 5 Sayı: 2

DOI

https://doi.org/10.47495/okufbed.1033540

IZ

https://izlik.org/JA26RF63MA

Kaynak Göster

RIS / Bibtex
APA
Temiz, H., & Büyükeke, A. (2022). An Inverse Approach to Windows’ Resource-Based Permission Mechanism for Access Permission Vulnerability Detection. Osmaniye Korkut Ata Üniversitesi Fen Bilimleri Enstitüsü Dergisi, 5(2), 534-550. https://doi.org/10.47495/okufbed.1033540
AMA
1.Temiz H, Büyükeke A. An Inverse Approach to Windows’ Resource-Based Permission Mechanism for Access Permission Vulnerability Detection. Osmaniye Korkut Ata Üniversitesi Fen Bilimleri Enstitüsü Dergisi. 2022;5(2):534-550. doi:10.47495/okufbed.1033540
Chicago
Temiz, Hakan, ve Ahmet Büyükeke. 2022. “An Inverse Approach to Windows’ Resource-Based Permission Mechanism for Access Permission Vulnerability Detection”. Osmaniye Korkut Ata Üniversitesi Fen Bilimleri Enstitüsü Dergisi 5 (2): 534-50. https://doi.org/10.47495/okufbed.1033540.
EndNote
Temiz H, Büyükeke A (01 Temmuz 2022) An Inverse Approach to Windows’ Resource-Based Permission Mechanism for Access Permission Vulnerability Detection. Osmaniye Korkut Ata Üniversitesi Fen Bilimleri Enstitüsü Dergisi 5 2 534–550.
IEEE
[1]H. Temiz ve A. Büyükeke, “An Inverse Approach to Windows’ Resource-Based Permission Mechanism for Access Permission Vulnerability Detection”, Osmaniye Korkut Ata Üniversitesi Fen Bilimleri Enstitüsü Dergisi, c. 5, sy 2, ss. 534–550, Tem. 2022, doi: 10.47495/okufbed.1033540.
ISNAD
Temiz, Hakan - Büyükeke, Ahmet. “An Inverse Approach to Windows’ Resource-Based Permission Mechanism for Access Permission Vulnerability Detection”. Osmaniye Korkut Ata Üniversitesi Fen Bilimleri Enstitüsü Dergisi 5/2 (01 Temmuz 2022): 534-550. https://doi.org/10.47495/okufbed.1033540.
JAMA
1.Temiz H, Büyükeke A. An Inverse Approach to Windows’ Resource-Based Permission Mechanism for Access Permission Vulnerability Detection. Osmaniye Korkut Ata Üniversitesi Fen Bilimleri Enstitüsü Dergisi. 2022;5:534–550.
MLA
Temiz, Hakan, ve Ahmet Büyükeke. “An Inverse Approach to Windows’ Resource-Based Permission Mechanism for Access Permission Vulnerability Detection”. Osmaniye Korkut Ata Üniversitesi Fen Bilimleri Enstitüsü Dergisi, c. 5, sy 2, Temmuz 2022, ss. 534-50, doi:10.47495/okufbed.1033540.
Vancouver
1.Hakan Temiz, Ahmet Büyükeke. An Inverse Approach to Windows’ Resource-Based Permission Mechanism for Access Permission Vulnerability Detection. Osmaniye Korkut Ata Üniversitesi Fen Bilimleri Enstitüsü Dergisi. 01 Temmuz 2022;5(2):534-50. doi:10.47495/okufbed.1033540

Cited By

Bayrak Ele Geçirme Yoluyla Yapılandırılmış Saldırı Güvenliği Uygulaması: Ardışık Sıralı Saldırı Yürütme ve Üç Bayrağın Ele Geçirilmesi

Osmaniye Korkut Ata Üniversitesi Fen Bilimleri Enstitüsü Dergisi

https://doi.org/10.47495/okufbed.1840420

23487




196541947019414  

1943319434 19435194361960219721 19784  2123822610 23877

* Uluslararası Hakemli Dergi (International Peer Reviewed Journal)

* Yazar/yazarlardan hiçbir şekilde MAKALE BASIM ÜCRETİ vb. şeyler istenmemektedir (Free submission and publication).

* Yılda Ocak, Mart, Haziran, Eylül ve Aralık'ta olmak üzere 5 sayı yayınlanmaktadır (Published 5 times a year)

* Dergide, Türkçe ve İngilizce makaleler basılmaktadır.

*Dergi açık erişimli bir dergidir.

Creative Commons License

Bu web sitesi Creative Commons Atıf 4.0 Uluslararası Lisansı ile lisanslanmıştır.