Visualization based policy analysis: case study in SELinux

Authors:
Wenjuan Xu;Mohamed Shehab;Gail-Joon Ahn
Affiliations:
University of North Carolina at Charlotte, Charlotte, NC;University of North Carolina at Charlotte, Charlotte, NC;University of North Carolina at Charlotte, Charlotte, NC
Venue:
Proceedings of the 13th ACM symposium on Access control models and technologies
Year:
2008

Citing 22
Cited 4

Empirical studies of end-user information searching

Journal of the American Society for Information Science
A lattice model of secure information flow

Communications of the ACM
Graph Visualization and Navigation in Information Visualization: A Survey

IEEE Transactions on Visualization and Computer Graphics
Integrating Flexible Support for Security Policies into the Linux Operating System

Proceedings of the FREENIX Track: 2001 USENIX Annual Technical Conference
Policy management using access control spaces

ACM Transactions on Information and System Security (TISSEC)
Resolving constraint conflicts

Proceedings of the ninth ACM symposium on Access control models and technologies
VisFlowConnect: netflow visualizations of link relationships for security situational awareness

Proceedings of the 2004 ACM workshop on Visualization and data mining for computer security
Managing attack graph complexity through visual hierarchical aggregation

Proceedings of the 2004 ACM workshop on Visualization and data mining for computer security
Attestation-based policy enforcement for remote access

Proceedings of the 11th ACM conference on Computer and communications security
Visualization of Automated Trust Negotiation

VIZSEC '05 Proceedings of the IEEE Workshops on Visualization for Computer Security
Visual Firewall: Real-time Network Security Monito

VIZSEC '05 Proceedings of the IEEE Workshops on Visualization for Computer Security
Hierarchical Visualization of Network Intrusion Detection Data

IEEE Computer Graphics and Applications
PRIMA: policy-reduced integrity measurement architecture

Proceedings of the eleventh ACM symposium on Access control models and technologies
Matrices or node-link diagrams: which visual representation is better for visualising connectivity models?

Information Visualization
Understanding multistage attacks by attack-track based visualization of heterogeneous event streams

Proceedings of the 3rd international workshop on Visualization for computer security
Tool update: visflowconnect-IP with advanced filtering from usability testing

Proceedings of the 3rd international workshop on Visualization for computer security
Network Visualization by Semantic Substrates

IEEE Transactions on Visualization and Computer Graphics
Command line or pretty lines?: comparing textual and visual interfaces for intrusion detection

Proceedings of the SIGCHI Conference on Human Factors in Computing Systems
Visualizing NetFlows for security at line speed: the SIFT tool suite

LISA '05 Proceedings of the 19th conference on Large Installation System Administration Conference - Volume 19
Analyzing integrity protection in the SELinux example policy

SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
PolicyVis: firewall security policy visualization and inspection

LISA'07 Proceedings of the 21st conference on Large Installation System Administration Conference
Path visualization for adjacency matrices

EUROVIS'07 Proceedings of the 9th Joint Eurographics / IEEE VGTC conference on Visualization

Towards System Integrity Protection with Graph-Based Policy Analysis

Proceedings of the 23rd Annual IFIP WG 11.3 Working Conference on Data and Applications Security XXIII
Role updating for assignments

Proceedings of the 15th ACM symposium on Access control models and technologies
Towards automatic update of access control policy

LISA'10 Proceedings of the 24th international conference on Large installation system administration
SPTrack: visual analysis of information flows within SELinux policies and attack logs

AMT'12 Proceedings of the 8th international conference on Active Media Technology

Quantified Score

Hi-index	0.00

Visualization

Abstract

Determining whether a given policy meets a site's high-level security goals can be difficult, due to the low-level nature and complexity of the policy language, and the multiple policy violation patterns. In this paper, we propose a visualization-based policy analysis framework that enables system administrators to visually query and visualize SELinux security policies and to easily identify the policy violations. We propose and formalize both a semantic substrate and adjacency matrix visualization techniques for policy visualization. Furthermore, we propose a visual query language for expressing policy queries in a visual form. Our framework is targeted towards enabling the average administrator by providing an intuitive cognitive sense about the policy, policy queries and policy violations. We also describe our implementation of a visualization-based policy analysis tool that provides the functionalities discussed in our framework.