Name
Abstract | ||
|---|---|---|
Security-critical system requirements are increasingly enforced through mandatory access control systems. These systems are controlled by security policies, highly sensitive system components, which emphasizes the paramount importance of formally verified security properties regarding policy correctness. For the class of safety-properties, addressing potential dynamic right proliferation, a number of known and tested formal analysis methods and tools already exist. Unfortunately, these methods need to be redesigned from scratch for each particular policy from a broad range of different application domains. In this paper, we seek to mitigate this problem by proposing a uniform formal framework, tailorable to a safety analysis algorithm for a specific application domain. We present a practical workflow, guided by model-based knowledge, that is capable of producing a meaningful formal safety definition along with an algorithm to heuristically analyze that safety. Our method is demonstrated based on security policies for the SELinux operating system. Keywords: Security engineering, security policies, access control systems, access control models, safety, heuristic analysis, SELinux. |
Year | Venue | Field |
|---|---|---|
2017 | arXiv: Cryptography and Security | Computer science,Security engineering,Computer security,Correctness,Risk analysis (engineering),Mandatory access control,Application domain,Access control,Security policy,System requirements,Workflow |
DocType | Volume | Citations |
Journal | abs/1706.03536 | 0 |
PageRank | References | Authors |
0.34 | 0 | 1 |
Name | Order | Citations | PageRank |
|---|---|---|---|
| Peter Amthor | 1 | 13 | 3.24 |