PolicyReplay: Misconfiguration-Response Queries for Data Breach Reporting

  title={PolicyReplay: Misconfiguration-Response Queries for Data Breach Reporting},
  author={Daniel Fabbri and Kristen LeFevre and Qiang Zhu},
Recent legislation has increased the requirements of organizations to report data breaches, or unauthorized access to data. While access control policies are used to restrict access to a database, these policies are complex and difficult to configure. As a result, misconfigurations sometimes allow users access to unauthorized data. In this paper, we consider the problem of reporting data breaches after such a misconfiguration is detected. To locate past SQL queries that may have revealed… CONTINUE READING
Highly Cited
This paper has 17 citations. REVIEW CITATIONS