Visualization-based policy analysis for SELinux: Framework and user study

Wenjuan Xu, Mohamed Shehab, Gail-Joon Ahn

Research output: Contribution to journalArticle

8 Scopus citations

Abstract

In this paper, we propose a visualization-based policy analysis framework that enables system administrators to query and visualize security policies and to easily identify the policy violations, especially focused on SELinux. Furthermore, we propose a visual query language for expressing policy queries in a visual form. Our framework provides an intuitive cognitive sense about the policy, policy queries and policy violations. We also describe our implementation of a visualization-based policy analysis tool that supports the functionalities discussed in our framework. In addition, we discuss our study on usability of our tool with evaluation criteria and experimental results.

Original languageEnglish (US)
Pages (from-to)155-171
Number of pages17
JournalInternational Journal of Information Security
Volume12
Issue number3
DOIs
StatePublished - Jun 1 2013

Keywords

  • Policy analysis
  • SELinux
  • Visualization-based

ASJC Scopus subject areas

  • Software
  • Information Systems
  • Safety, Risk, Reliability and Quality
  • Computer Networks and Communications

Fingerprint Dive into the research topics of 'Visualization-based policy analysis for SELinux: Framework and user study'. Together they form a unique fingerprint.

  • Cite this