A cryptographic access control architecture secure against privileged attackers
Proceedings of the 2007 ACM workshop on Computer security architecture
seL4: formal verification of an OS kernel
Proceedings of the ACM SIGOPS 22nd symposium on Operating systems principles
PolicyGlobe: a framework for integrating network and operating system security policies
Proceedings of the 2nd ACM workshop on Assurable and usable security configuration
Comprehensive formal verification of an OS microkernel
ACM Transactions on Computer Systems (TOCS)
NSA's Security-Enhanced (SE) Linux enhances Linux by providing a specification language for security policies and a Flask-like architecture with a security server for enforcing policies defined in the language. It is natural for users to expect to be able to analyze the properties of a policy from its specification in the policy language. But this language is very low level, making the high level properties of a policy difficult to deduce by inspection. For this reason, tools to help users with the analysis are necessary. The NRL project on analyzing SE Linux policies aims first to use mechanized support to analyze an example policy specification and then to customize this support for use by practitioners in the open source software community. This paper describes how we model policies in the analysis tool TAME, the kinds of analysis we can support, and prototype mechanical support to enable others to model their policies in TAME. The paper concludes with some general observations on desirable properties for a policy language.