Systematic Policy Analysis for High-Assurance Services in SELinux

Author

Ahn, Gail-Joon ; Xu, Wenjuan ; Zhang, Xinwen

Author_Institution

Univ. of North Carolina at Charlotte, Charlotte, NC

fYear

2008

fDate

2-4 June 2008

Firstpage

Lastpage

Abstract

Identifying and protecting the trusted computing base (TCB) of a system is an important task to provide high- assurance services since a set of trusted subjects should be legitimately articulated for target applications. In this paper, we present a formal policy analysis framework to identify TCB with the consideration of specific security goals. We also attempt to model information flows between domains in SELinux policies and detect security violations among information flows using colored Petri nets.

Keywords

Linux; Petri nets; security of data; systems analysis; SELinux; colored Petri nets; formal policy analysis framework; high-assurance services; systematic policy analysis; trusted computing base; Application software; Computer networks; Conferences; Distributed computing; Information analysis; Information security; Lattices; National security; Petri nets; Protection; Policy Analysis; SELinux;

fLanguage

English

Publisher

ieee

Conference_Titel

Policies for Distributed Systems and Networks, 2008. POLICY 2008. IEEE Workshop on

Conference_Location

Palisades, NY

Print_ISBN

978-0-7695-3133-5

Type

conf

DOI

10.1109/POLICY.2008.18

Filename

4556572

Link To Document

https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=2008545