The SELinux mandatory access control (MAC) policy has recently added a multi-level security (MLS) model which is able to express a fine granularity of control over a subject's access rights. The problem is that the richness of this policy makes it impractical to verify, by hand, that a given policy has certain important information flow properties or is compliant with another policy. To address this, we have modeled the SELinux MLS policy using a logical specification and implemented that specification in the Prolog language. Furthermore, we have developed some analyses for testing the properties of a given policy, as well as an algorithm to determine whether one policy is compliant with another. We have implemented these analyses in Prolog and compiled our implementation into a tool for SELinux MLS policy analysis, called PALMS. Using PALMS, we verified some important properties of the SELinux MLS reference policy, namely that it satisfies the simple security condition and *-property defined by Bell and LaPadula [2].
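To make the two properties named above concrete, here is an added Python example (not PALMS code and not taken from the paper) that checks a list of accesses against the classic Bell-LaPadula simple security condition and *-property. It assumes one level per subject and object written in SELinux-style notation such as `s2:c0,c3.c5`; the sample accesses and all function names are constructed for illustration.

```python
# Added illustration: classic Bell-LaPadula checks over SELinux-style MLS levels.
# Assumption: each subject/object has a single level (no low-high ranges).
from typing import NamedTuple


class Level(NamedTuple):
    sens: int          # sensitivity, e.g. 2 for "s2"
    cats: frozenset    # category numbers, e.g. {0, 3, 4, 5}


def parse_level(text):
    """Parse a level such as 's2:c0,c3.c5' (c3.c5 means c3 through c5)."""
    sens, _, cat_part = text.partition(":")
    cats = set()
    for item in filter(None, cat_part.split(",")):
        lo, _, hi = item.partition(".")
        lo_n = int(lo[1:])
        hi_n = int(hi[1:]) if hi else lo_n
        cats.update(range(lo_n, hi_n + 1))
    return Level(int(sens[1:]), frozenset(cats))


def dominates(a, b):
    """a dominates b: sensitivity at least as high and categories a superset."""
    return a.sens >= b.sens and a.cats >= b.cats


def violations(accesses):
    """Return (subject, object, mode, property) for every access that breaks a rule."""
    found = []
    for subj, obj, mode in accesses:
        s, o = parse_level(subj), parse_level(obj)
        if mode == "read" and not dominates(s, o):      # no read up
            found.append((subj, obj, mode, "simple security"))
        elif mode == "write" and not dominates(o, s):   # no write down
            found.append((subj, obj, mode, "*-property"))
    return found


# Constructed sample accesses: (subject level, object level, mode).
SAMPLE = [
    ("s1:c0,c1", "s0:c0", "read"),     # allowed: subject dominates object
    ("s1:c0", "s1:c0.c2", "read"),     # read up: subject lacks c1 and c2
    ("s0", "s2:c1", "write"),          # allowed: write up
    ("s2:c0", "s1:c0", "write"),       # write down
    ("s3:c0", "s1:c1", "read"),        # incomparable levels: categories differ
]

if __name__ == "__main__":
    for v in violations(SAMPLE):
        print(v)
```

The last sample shows why the check is over a partial order: a higher sensitivity alone does not permit a read when the category sets are incomparable.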