Systematic Policy Analysis for High-Assurance Services in SELinux

@article{Ahn2008SystematicPA,
  title={Systematic Policy Analysis for High-Assurance Services in SELinux},
  author={Gail-Joon Ahn and Wenjuan Xu and Xinwen Zhang},
  journal={2008 IEEE Workshop on Policies for Distributed Systems and Networks},
  year={2008},
  pages={3-10}
}
Identifying and protecting the trusted computing base (TCB) of a system is an important task to provide high- assurance services since a set of trusted subjects should be legitimately articulated for target applications. In this paper, we present a formal policy analysis framework to identify TCB with the consideration of specific security goals. We also attempt to model information flows between domains in SELinux policies and detect security violations among information flows using colored… CONTINUE READING

Figures, Tables, and Topics from this paper.

Explore Further: Topics Discussed in This Paper

Citations

Publications citing this paper.
SHOWING 1-10 OF 15 CITATIONS

A Collaborative Network Services Management Based on Semantic Temporal Logic

Yiqiu Xu, Liwei Wang, Shi Yan
  • 2011 Third Pacific-Asia Conference on Circuits, Communications and System (PACCS)
  • 2011
VIEW 3 EXCERPTS
CITES BACKGROUND & METHODS
HIGHLY INFLUENCED

Research on Android Access Control Based on Isolation Mechanism

  • 2016 13th Web Information Systems and Applications Conference (WISA)
  • 2016
VIEW 3 EXCERPTS

WorSE: A Workbench for Model-based Security Engineering

VIEW 2 EXCERPTS
CITES BACKGROUND & METHODS

Remote Attestation with Domain-Based Integrity Model and Policy Analysis

  • IEEE Transactions on Dependable and Secure Computing
  • 2012
VIEW 1 EXCERPT
CITES METHODS

Study on analysis for SELinux security policy

  • 2012 International Conference on Systems and Informatics (ICSAI2012)
  • 2012
VIEW 1 EXCERPT
CITES METHODS

Knowledge-Based Policy Conflict Analysis in Mobile Social Networks

  • 2011 Proceedings of 20th International Conference on Computer Communications and Networks (ICCCN)
  • 2011
VIEW 2 EXCERPTS
CITES METHODS & BACKGROUND

Model-based safety analysis of SELinux security policies

  • 2011 5th International Conference on Network and System Security
  • 2011
VIEW 3 EXCERPTS
CITES BACKGROUND

Dynamic policy conflict analysis for collaborative web services

  • 2010 International Conference on Network and Service Management
  • 2010
VIEW 2 EXCERPTS
CITES BACKGROUND & METHODS

References

Publications referenced by this paper.
SHOWING 1-10 OF 15 REFERENCES

Lattice-based access control models

  • Computer
  • 1993
VIEW 8 EXCERPTS
HIGHLY INFLUENTIAL

Analyzing Integrity Protection in the SELinux Example Policy

  • USENIX Security Symposium
  • 2003
VIEW 10 EXCERPTS
HIGHLY INFLUENTIAL

and L

R. Sailer, X. Zhang, T. Jaeger
  • van Doorn. Design and implementation of a TCG-based integrity measurement architecture. In USENIX Security Symposium
  • 2004
VIEW 1 EXCERPT

Design and implementation of a TCG - based integrity measurement architecture

X. Zhang Sailer, T. Jaeger, L. van Doorn
  • Coloured Petri nets : basic concepts , analysis methods and practical use , volume 3
  • 1997