DocumentCode :
2543164
Title :
Verifying mediations of Linux Security Modules with BLAST
Author :
Li Xin
Author_Institution :
Tianjin Polytech. Univ., Tianjin, China
fYear :
2010
fDate :
16-18 April 2010
Firstpage :
371
Lastpage :
376
Abstract :
The Linux Security Modules (LSM) framework provides a flexible access control mechanism for the Linux kernel. While plenty of efforts were dedicated to put LSM into the kernel, there has been little work on verifying the correct placement of authorization hooks. This paper proposes an approach to verify the mediations of LSM using BLAST, a software model checker for C programs. We choose several subsystems in the Linux kernel source code to verify the mediations of controlling functions using our approach. We also discuss the effectiveness and limitations of our approach and the solutions for future improvement.
Keywords :
C language; Linux; authorisation; operating system kernels; program verification; BLAST; C programs; Linux kernel; Linux security modules; flexible access control mechanism; software model checker; Access control; Authorization; Instruments; Kernel; Linux; Mediation; Security; Software safety; Software tools; Specification languages; (SELinux); BLAST; C; Domain and Type Enforcement(DTE); Linux; Linux Security Modules (LSM); Security Enhanced; kernel;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Information Management and Engineering (ICIME), 2010 The 2nd IEEE International Conference on
Conference_Location :
Chengdu
Print_ISBN :
978-1-4244-5263-7
Electronic_ISBN :
978-1-4244-5265-1
Type :
conf
DOI :
10.1109/ICIME.2010.5477585
Filename :
5477585
Link To Document :
https://search.ricest.ac.ir/dl/search/defaultta.aspx?DTC=49&DC=2543164
بازگشت