Title :
Model-based safety analysis of SELinux security policies
Author :
Amthor, Peter ; Kühnhauser, Winfried E. ; Pölck, Anja
Author_Institution :
Ilmenau Univ. of Technol., Ilmenau, Germany
Abstract :
Since security has become an essential asset in numerous application areas, the integration of security policies has become a major issue in the design of security architectures, and many commodity operating systems have been furnished with abstractions to support policy protection and enforcement. Given a security policy´s key position in defining and implementing a system´s security properties, quality attributes such as policy correctness, completeness, or consistency are essential objectives in policy engineering. On the other hand, considering the large amount of their responsibilities, security policies often are large and complex, rendering the analysis and proof of crucial quality attributes difficult. This paper is a step towards tool-supported security policy analysis. It presents a model-based approach to analyze the dynamic proliferation of access rights in a policy-controlled SELinux access control system.
Keywords :
Linux; authorisation; SELinux access control system; SELinux security policies; dynamic proliferation; engineering policy; operating systems; safety analysis; security architectures; security policies integration; Access control; Analytical models; Calculus; Context; Safety; Servers; HRU security models; Security Enhanced Linux; Security engineering; access control; security architectures; security models; security policies;
Conference_Titel :
Network and System Security (NSS), 2011 5th International Conference on
Conference_Location :
Milan
Print_ISBN :
978-1-4577-0458-1
DOI :
10.1109/ICNSS.2011.6060002
