LEOPARD: Accelerating Cloud-based Access Control Policy Verification Using Logical Encoding Optimization
Fang, Xing Ding, Feiyan Song, Mingyuan Zhao, Yuntao You, Lizhao Xiang, Qiao Kong, Linghe Shu, Jiwu Liu, Xue
Fang, Xing
Ding, Feiyan
Song, Mingyuan
Zhao, Yuntao
You, Lizhao
Xiang, Qiao
Kong, Linghe
Shu, Jiwu
Liu, Xue
Supervisor
Department
Machine Learning
Embargo End Date
Type
Conference proceeding
Date
License
Language
Collections
Research Projects
Organizational Units
Journal Issue
Abstract
Cloud providers offer users Satisfiability Modulo Theories (SMT) based verifiers to ensure the correctness of their access control policies. One fundamental challenge in designing these verifiers is achieving high efficiency. In this paper, we identify that a significant source of inefficiency in existing access control policy verifiers is the redundant logical encoding of the verification problem. To address this, we integrate formula slicing and simplification techniques specifically tailored for access control policy verification and introduce LEOPARD, a logical encoding optimization method designed to accelerate cloud-based access control policy verification. LEOPARD introduces two novel approaches to systematically prune redundant formulas unrelated to the desired properties, leveraging both structural and semantic analysis. We constructed two high-fidelity synthetic datasets to validate our approach. Extensive evaluation results show that LEOPARD outperforms state-of-the-art SMT-based policy verifiers in terms of efficiency.
Citation
X. Fang, F. Ding, M. Song, Y. Zhao, L. You, Q. Xiang , et al., "LEOPARD: Accelerating Cloud-based Access Control Policy Verification Using Logical Encoding Optimization," 2025, pp. 1-10.
Source
2025 IEEE/ACM 33rd International Symposium on Quality of Service (IWQoS)
Conference
IEEE/ACM 33rd International Symposium on Quality of Service (IWQoS)
Keywords
46 Information and Computing Sciences, 4602 Artificial Intelligence, 4604 Cybersecurity and Privacy, 4606 Distributed Computing and Systems Software, 7 Affordable and Clean Energy
Subjects
Source
IEEE/ACM 33rd International Symposium on Quality of Service (IWQoS)
Publisher
IEEE