Access control mechanisms have been adopted in many real-world systems to control resource sharing for the principals in the system. An error in the access control policy (misconfiguration) can easily cause severe data leakage and system exploitation. Researchers have developed several methodologies to detect the access control misconfigurations through data mining, testing, and verification for various applications. This survey will study the line of works to detect access control misconfigurations and discuss some future research directions.

翻译：访问控制机制已经在许多实际系统中被采用来控制系统中的主体资源共享。访问控制策略中的错误（配置错误）可能会导致严重的数据泄露和系统利用。研究人员已经开发了几种方法来通过数据挖掘、测试和验证来检测各种应用程序中的访问控制配置错误。本综述将研究检测访问控制配置错误的方法，并讨论一些未来的研究方向。