In this paper, we define constraint conflicts and examine properties that may aid in guiding their resolution. A constraint conflict is an inconsistency between the access control policy and the constraints specified to limit that policy. For example, a policy that permits a high-integrity subject to access low-integrity data is in conflict with a Biba integrity constraint. Constraint conflicts differ from typical policy conflicts in that constraints are never supposed to be violated. That is, a conflict with a constraint results in a policy compilation error, whereas policy conflicts are resolved at runtime. As we have found in the past, when constraint conflicts occur in a specification, a variety of resolutions are both possible and practical. In this paper, we detail some key formal properties of constraint conflicts and show how these are useful in guiding conflict resolution. We use the SELinux example policy for Linux 2.4.19 as the source of our constraint conflicts and resolution examples. The formal properties are used to guide the selection of resolutions and provide a basis for a resolution language that we apply to resolve conflicts in the SELinux example policy.