A unified framework for enforcing multiple access control policies
SIGMOD '97 Proceedings of the 1997 ACM SIGMOD international conference on Management of data
A modular approach to composing access control policies
Proceedings of the 7th ACM conference on Computer and communications security
An algebra for composing access control policies
ACM Transactions on Information and System Security (TISSEC)
Managing access control policies using access control spaces
SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
Towards Federated Policy Management
POLICY '03 Proceedings of the 4th IEEE International Workshop on Policies for Distributed Systems and Networks
Analyzing Security-Enhanced Linux Policy Specifications
POLICY '03 Proceedings of the 4th IEEE International Workshop on Policies for Distributed Systems and Networks
Towards a formal model for security policies specification and validation in the selinux system
Proceedings of the ninth ACM symposium on Access control models and technologies
Analyzing integrity protection in the SELinux example policy
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Usable Global Network Access Policy for Process Control Systems
IEEE Security and Privacy
Modeling and Management of Firewall Policies
IEEE Transactions on Network and Service Management
Hi-index | 0.00 |
In modern networked systems with many machines and traffic control devices (such as firewalls), it is difficult to determine the overall effect of the security policies and configurations implemented inside the operating system and network devices. This paper describes PolicyGlobe, a framework to integrate operating system and network security policies. Using the idea of accessibility sets, PolicyGlobe integrates the Security Enhanced Linux (SE-Linux) access control policies with firewall configurations and traffic control policies. Using this framework, it is possible to construct a global accessibility set for each process in the system. PolicyGlobe makes it possible to determine the global effect of the local security policies and firewall configurations and answer the basic questions "can a subject in one machine access an object in another machine?" We have developed the integration algorithms, optimized the algorithms, implemented the entire framework, and conducted empirical studies on it. The studies show that in a network of 10 densely connected machines each with a large SE-Linux policy (~275,000 lines of rules), PolicyGlobe can build the global accessibility sets in about 10 minutes. In a system with a more limited connectivity, the analysis takes a much shorter amount of time.