Analyzing explicit information flow
ICISS'10 Proceedings of the 6th international conference on Information systems security
We present netra, a tool for systematically analyzing and detecting explicit information-flow vulnerabilities in access-control configurations. Our tool takes a snapshot of the access-control metadata, and performs static analysis on this snapshot. We devise an augmented relational calculus that naturally models both access control mechanisms and information-flow policies uniformly. This calculus is interpreted as a logic program, with a fixpoint semantics similar to Datalog, and produces all access tuples in a given configuration that violate properties of interest. Our analysis framework is programmable both at the model level and at the property level, effectively separating mechanism from policy. We demonstrate the effectiveness of this modularity by analyzing two systems with very different mechanisms for access control---Windows XP and SELinux---with the same specification of information-flow vulnerabilities. netra finds vulnerabilities in default configurations of both systems.