{"id":"https://openalex.org/W3108419307","doi":"https://doi.org/10.1145/3368089.3409728","title":"Block public access: trust safety verification of access control policies","display_name":"Block public access: trust safety verification of access control policies","publication_year":2020,"publication_date":"2020-11-08","ids":{"openalex":"https://openalex.org/W3108419307","doi":"https://doi.org/10.1145/3368089.3409728","mag":"3108419307"},"language":"en","primary_location":{"id":"doi:10.1145/3368089.3409728","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3368089.3409728","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3368089.3409728","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 28th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3368089.3409728","any_repository_has_fulltext":null},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5015559318","display_name":"Malik Bouchet","orcid":null},"institutions":[{"id":"https://openalex.org/I1311688040","display_name":"Amazon (United States)","ror":"https://ror.org/04mv4n011","country_code":"US","type":"company","lineage":["https://openalex.org/I1311688040"]}],"countries":["US"],"is_corresponding":true,"raw_author_name":"Malik Bouchet","raw_affiliation_strings":["Amazon, USA"],"affiliations":[{"raw_affiliation_string":"Amazon, USA","institution_ids":["https://openalex.org/I1311688040"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5112528389","display_name":"Byron Cook","orcid":null},"institutions":[{"id":"https://openalex.org/I1311688040","display_name":"Amazon (United States)","ror":"https://ror.org/04mv4n011","country_code":"US","type":"company","lineage":["https://openalex.org/I1311688040"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Byron Cook","raw_affiliation_strings":["Amazon, USA"],"affiliations":[{"raw_affiliation_string":"Amazon, USA","institution_ids":["https://openalex.org/I1311688040"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5020622588","display_name":"Bryant Cutler","orcid":null},"institutions":[{"id":"https://openalex.org/I1311688040","display_name":"Amazon (United States)","ror":"https://ror.org/04mv4n011","country_code":"US","type":"company","lineage":["https://openalex.org/I1311688040"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Bryant Cutler","raw_affiliation_strings":["Amazon, USA"],"affiliations":[{"raw_affiliation_string":"Amazon, USA","institution_ids":["https://openalex.org/I1311688040"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5050194547","display_name":"Anna Druzkina","orcid":null},"institutions":[{"id":"https://openalex.org/I1311688040","display_name":"Amazon (United States)","ror":"https://ror.org/04mv4n011","country_code":"US","type":"company","lineage":["https://openalex.org/I1311688040"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Anna Druzkina","raw_affiliation_strings":["Amazon, USA"],"affiliations":[{"raw_affiliation_string":"Amazon, USA","institution_ids":["https://openalex.org/I1311688040"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5084336108","display_name":"Andrew Gacek","orcid":"https://orcid.org/0000-0003-0321-8155"},"institutions":[{"id":"https://openalex.org/I1311688040","display_name":"Amazon (United States)","ror":"https://ror.org/04mv4n011","country_code":"US","type":"company","lineage":["https://openalex.org/I1311688040"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Andrew Gacek","raw_affiliation_strings":["Amazon, USA"],"affiliations":[{"raw_affiliation_string":"Amazon, USA","institution_ids":["https://openalex.org/I1311688040"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5010594542","display_name":"Liana Hadarean","orcid":"https://orcid.org/0009-0007-2146-7303"},"institutions":[{"id":"https://openalex.org/I1311688040","display_name":"Amazon (United States)","ror":"https://ror.org/04mv4n011","country_code":"US","type":"company","lineage":["https://openalex.org/I1311688040"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Liana Hadarean","raw_affiliation_strings":["Amazon, USA"],"affiliations":[{"raw_affiliation_string":"Amazon, USA","institution_ids":["https://openalex.org/I1311688040"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5002412544","display_name":"Ranjit Jhala","orcid":"https://orcid.org/0000-0002-1802-9421"},"institutions":[{"id":"https://openalex.org/I1311688040","display_name":"Amazon (United States)","ror":"https://ror.org/04mv4n011","country_code":"US","type":"company","lineage":["https://openalex.org/I1311688040"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Ranjit Jhala","raw_affiliation_strings":["Amazon, USA"],"affiliations":[{"raw_affiliation_string":"Amazon, USA","institution_ids":["https://openalex.org/I1311688040"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5113490495","display_name":"Brad Marshall","orcid":null},"institutions":[{"id":"https://openalex.org/I1311688040","display_name":"Amazon (United States)","ror":"https://ror.org/04mv4n011","country_code":"US","type":"company","lineage":["https://openalex.org/I1311688040"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Brad Marshall","raw_affiliation_strings":["Amazon, USA"],"affiliations":[{"raw_affiliation_string":"Amazon, USA","institution_ids":["https://openalex.org/I1311688040"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5077338699","display_name":"Dan Peebles","orcid":null},"institutions":[{"id":"https://openalex.org/I1311688040","display_name":"Amazon (United States)","ror":"https://ror.org/04mv4n011","country_code":"US","type":"company","lineage":["https://openalex.org/I1311688040"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Dan Peebles","raw_affiliation_strings":["Amazon, USA"],"affiliations":[{"raw_affiliation_string":"Amazon, USA","institution_ids":["https://openalex.org/I1311688040"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5047763549","display_name":"Neha Rungta","orcid":"https://orcid.org/0000-0001-5143-8940"},"institutions":[{"id":"https://openalex.org/I1311688040","display_name":"Amazon (United States)","ror":"https://ror.org/04mv4n011","country_code":"US","type":"company","lineage":["https://openalex.org/I1311688040"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Neha Rungta","raw_affiliation_strings":["Amazon, USA"],"affiliations":[{"raw_affiliation_string":"Amazon, USA","institution_ids":["https://openalex.org/I1311688040"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5012489417","display_name":"Cole Schlesinger","orcid":"https://orcid.org/0009-0004-9350-3041"},"institutions":[{"id":"https://openalex.org/I1311688040","display_name":"Amazon (United States)","ror":"https://ror.org/04mv4n011","country_code":"US","type":"company","lineage":["https://openalex.org/I1311688040"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Cole Schlesinger","raw_affiliation_strings":["Amazon, USA"],"affiliations":[{"raw_affiliation_string":"Amazon, USA","institution_ids":["https://openalex.org/I1311688040"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5072152191","display_name":"Chriss Stephens","orcid":null},"institutions":[{"id":"https://openalex.org/I1311688040","display_name":"Amazon (United States)","ror":"https://ror.org/04mv4n011","country_code":"US","type":"company","lineage":["https://openalex.org/I1311688040"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Chriss Stephens","raw_affiliation_strings":["Amazon, USA"],"affiliations":[{"raw_affiliation_string":"Amazon, USA","institution_ids":["https://openalex.org/I1311688040"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5090965738","display_name":"Carsten Varming","orcid":null},"institutions":[{"id":"https://openalex.org/I1311688040","display_name":"Amazon (United States)","ror":"https://ror.org/04mv4n011","country_code":"US","type":"company","lineage":["https://openalex.org/I1311688040"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Carsten Varming","raw_affiliation_strings":["Amazon, USA"],"affiliations":[{"raw_affiliation_string":"Amazon, USA","institution_ids":["https://openalex.org/I1311688040"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5019086267","display_name":"Andy Warfield","orcid":null},"institutions":[{"id":"https://openalex.org/I1311688040","display_name":"Amazon (United States)","ror":"https://ror.org/04mv4n011","country_code":"US","type":"company","lineage":["https://openalex.org/I1311688040"]}],"countries":["US"],"is_corresponding":false,"raw_author_name":"Andy Warfield","raw_affiliation_strings":["Amazon, USA"],"affiliations":[{"raw_affiliation_string":"Amazon, USA","institution_ids":["https://openalex.org/I1311688040"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":14,"corresponding_author_ids":["https://openalex.org/A5015559318"],"corresponding_institution_ids":["https://openalex.org/I1311688040"],"apc_list":null,"apc_paid":null,"fwci":5.0971,"has_fulltext":true,"cited_by_count":22,"citation_normalized_percentile":{"value":0.95753836,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":95,"max":99},"biblio":{"volume":null,"issue":null,"first_page":"281","last_page":"291"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10927","display_name":"Access Control and Trust","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},"topics":[{"id":"https://openalex.org/T10927","display_name":"Access Control and Trust","score":0.9995999932289124,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9983000159263611,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11614","display_name":"Cloud Data Security Solutions","score":0.9965999722480774,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8374640941619873},{"id":"https://openalex.org/keywords/access-control","display_name":"Access control","score":0.7303200960159302},{"id":"https://openalex.org/keywords/block","display_name":"Block (permutation group theory)","score":0.5841224193572998},{"id":"https://openalex.org/keywords/flexibility","display_name":"Flexibility (engineering)","score":0.5408565998077393},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5189387798309326},{"id":"https://openalex.org/keywords/cloud-computing","display_name":"Cloud computing","score":0.5101421475410461},{"id":"https://openalex.org/keywords/security-policy","display_name":"Security policy","score":0.41174155473709106},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.1716243326663971}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8374640941619873},{"id":"https://openalex.org/C527821871","wikidata":"https://www.wikidata.org/wiki/Q228502","display_name":"Access control","level":2,"score":0.7303200960159302},{"id":"https://openalex.org/C2777210771","wikidata":"https://www.wikidata.org/wiki/Q4927124","display_name":"Block (permutation group theory)","level":2,"score":0.5841224193572998},{"id":"https://openalex.org/C2780598303","wikidata":"https://www.wikidata.org/wiki/Q65921492","display_name":"Flexibility (engineering)","level":2,"score":0.5408565998077393},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5189387798309326},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.5101421475410461},{"id":"https://openalex.org/C154908896","wikidata":"https://www.wikidata.org/wiki/Q2167404","display_name":"Security policy","level":2,"score":0.41174155473709106},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.1716243326663971},{"id":"https://openalex.org/C33923547","wikidata":"https://www.wikidata.org/wiki/Q395","display_name":"Mathematics","level":0,"score":0.0},{"id":"https://openalex.org/C105795698","wikidata":"https://www.wikidata.org/wiki/Q12483","display_name":"Statistics","level":1,"score":0.0},{"id":"https://openalex.org/C2524010","wikidata":"https://www.wikidata.org/wiki/Q8087","display_name":"Geometry","level":1,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1145/3368089.3409728","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3368089.3409728","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3368089.3409728","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 28th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering","raw_type":"proceedings-article"},{"id":"pmh:oai:eprints.ucl.ac.uk.OAI2:10167547","is_oa":false,"landing_page_url":"https://discovery.ucl.ac.uk/id/eprint/10167547/","pdf_url":null,"source":{"id":"https://openalex.org/S4306400024","display_name":"UCL Discovery (University College London)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I45129253","host_organization_name":"University College London","host_organization_lineage":["https://openalex.org/I45129253"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"     In:  ESEC/FSE 2020 - Proceedings of the 28th ACM Joint Meeting European Software Engineering Conference and Symposium on the Foundations of Software Engineering.  (pp. pp. 281-291).  Association for Computing Machinery (ACM): Virtual. (2020)     ","raw_type":"Proceedings paper"}],"best_oa_location":{"id":"doi:10.1145/3368089.3409728","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3368089.3409728","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3368089.3409728","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 28th ACM Joint Meeting on European Software Engineering Conference and Symposium on the Foundations of Software Engineering","raw_type":"proceedings-article"},"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions","score":0.7300000190734863}],"awards":[],"funders":[],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W3108419307.pdf","grobid_xml":"https://content.openalex.org/works/W3108419307.grobid-xml"},"referenced_works_count":19,"referenced_works":["https://openalex.org/W72463235","https://openalex.org/W1480909796","https://openalex.org/W1490597684","https://openalex.org/W1599739130","https://openalex.org/W1602828133","https://openalex.org/W1682877232","https://openalex.org/W1749560176","https://openalex.org/W1856491113","https://openalex.org/W2020992910","https://openalex.org/W2064070192","https://openalex.org/W2076004681","https://openalex.org/W2120255160","https://openalex.org/W2124260419","https://openalex.org/W2146356111","https://openalex.org/W2295791966","https://openalex.org/W2468070113","https://openalex.org/W2736027423","https://openalex.org/W2767683523","https://openalex.org/W4231515497"],"related_works":["https://openalex.org/W2393973626","https://openalex.org/W2107355607","https://openalex.org/W2012419258","https://openalex.org/W318167434","https://openalex.org/W1485764028","https://openalex.org/W1482564230","https://openalex.org/W4285408982","https://openalex.org/W2127259385","https://openalex.org/W2004929657","https://openalex.org/W3178932601"],"abstract_inverted_index":{"Data":[0],"stored":[1],"in":[2,18,182,233],"cloud":[3,147],"services":[4],"is":[5,13,231],"highly":[6],"sensitive":[7],"and":[8,121,203],"so":[9],"access":[10,64,72],"to":[11,30,43,58,65,73,104,109,162,172,192,240],"it":[12,230],"controlled":[14],"via":[15],"policies":[16,57,238],"written":[17],"domain-specific":[19],"languages":[20],"(DSLs).":[21],"The":[22,126],"expressiveness":[23],"of":[24,35,84,128,141,158,237],"these":[25],"DSLs":[26,131],"provides":[27],"users":[28],"flexibility":[29],"cover":[31],"a":[32,52,93,102,110,164,213],"wide":[33],"variety":[34],"uses":[36],"cases,":[37],"however,":[38],"unintended":[39,248],"misconfigurations":[40],"can":[41,115],"lead":[42],"potential":[44],"security":[45],"issues.":[46],"We":[47,197],"introduce":[48],"Block":[49,178,200],"Public":[50,179,201],"Access,":[51],"tool":[53],"that":[54,60,69,87,154,169,217,242],"formally":[55,88],"verifies":[56],"ensure":[59,241],"they":[61,70],"only":[62,171],"allow":[63],"trusted":[66],"principals,":[67],"i.e.":[68],"prohibit":[71],"the":[74,82,106,129,139,156,159,183,194,209,218],"general":[75],"public.":[76],"To":[77],"this":[78],"end,":[79],"we":[80,100,150],"formalize":[81],"notion":[83],"Trust":[85,124,188],"Safety":[86,189],"characterizes":[89],"whether":[90],"or":[91],"not":[92,246],"policy":[94,107,130,160,168,215],"allows":[95,177],"unconstrained":[96],"(public)":[97],"access.":[98,250],"Next,":[99],"present":[101,151,204],"method":[103],"compile":[105],"down":[108],"logical":[111],"formula":[112],"whose":[113],"unsatisfiability":[114,133],"be":[116],"(1)":[117],"checked":[118],"by":[119],"SMT":[120,195],"(2)":[122],"ensures":[123],"Safety.":[125],"constructs":[127],"render":[132],"checking":[134],"PSPACE-complete,":[135],"which":[136],"precludes":[137],"verifying":[138],"millions":[140,236],"requests":[142],"per":[143],"second":[144],"seen":[145],"at":[146,221],"scale.":[148],"Hence,":[149],"an":[152,205],"approach":[153,176],"leverages":[155],"structure":[157],"DSL":[161],"compute":[163],"much":[165],"smaller":[166],"residual":[167],"corresponds":[170],"untrusted":[173],"accesses.":[174],"Our":[175],"Access":[180,202],"to,":[181],"common":[184],"case,":[185],"syntactically":[186],"verify":[187],"without":[190],"having":[191],"query":[193],"solver.":[196],"have":[198],"implemented":[199],"evaluation":[206],"showing":[207],"how":[208],"above":[210],"optimization":[211],"yields":[212],"low-latency":[214],"verifier":[216],"S3":[219],"team":[220],"AWS":[222],"has":[223],"integrated":[224],"into":[225],"their":[226],"authorization":[227],"system,":[228],"where":[229],"currently":[232],"production,":[234],"analyzing":[235],"everyday":[239],"client":[243],"buckets":[244],"do":[245],"grant":[247],"public":[249]},"counts_by_year":[{"year":2025,"cited_by_count":4},{"year":2024,"cited_by_count":4},{"year":2023,"cited_by_count":4},{"year":2022,"cited_by_count":7},{"year":2021,"cited_by_count":3}],"updated_date":"2026-04-04T16:13:02.066488","created_date":"2025-10-10T00:00:00"}