TY - GEN
T1 - Systematic policy analysis for high-assurance services in SELinux
AU - Ahn, Gail Joon
AU - Xu, Wenjuan
AU - Zhang, Xinwen
N1 - Copyright:
Copyright 2011 Elsevier B.V., All rights reserved.
PY - 2008
Y1 - 2008
N2 - Identifying and protecting the trusted computing base (TCB) of a system is an important task to provide high-assurance services since a set of trusted subjects should be legitimately articulated for target applications. In this paper, we present a formal policy analysis framework to identify TCB with the consideration of specific security goals. We also attempt to model information flows between domains in SELinux policies and detect security violations among information flows using Colored Petri Nets.
AB - Identifying and protecting the trusted computing base (TCB) of a system is an important task to provide high-assurance services since a set of trusted subjects should be legitimately articulated for target applications. In this paper, we present a formal policy analysis framework to identify TCB with the consideration of specific security goals. We also attempt to model information flows between domains in SELinux policies and detect security violations among information flows using Colored Petri Nets.
UR - http://www.scopus.com/inward/record.url?scp=51849128388&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=51849128388&partnerID=8YFLogxK
U2 - 10.1109/POLICY.2008.18
DO - 10.1109/POLICY.2008.18
M3 - Conference contribution
AN - SCOPUS:51849128388
SN - 9780769531335
T3 - Proceedings - 2008 IEEE Workshop on Policies for Distributed Systems and Networks, POLICY 2008
SP - 3
EP - 10
BT - Proceedings - 2008 IEEE Workshop on Policies for Distributed Systems and Networks, POLICY 2008
T2 - 9th IEEE Workshop on Policies for Distributed Systems and Networks, POLICY 2008
Y2 - 2 June 2008 through 4 June 2008
ER -