loading
Papers

Research.Publish.Connect.

Paper

Paper Unlock

Author: Peter Amthor

Affiliation: Ilmenau University of Technology, Germany

ISBN: 978-989-758-117-5

Keyword(s): Security Engineering, Security Policies, Access Control Models, Operating System Security, SELinux.

Related Ontology Subjects/Areas/Topics: Access Control ; Data Engineering ; Databases and Data Security ; Formal Methods for Security ; Information and Systems Security ; Internet Technology ; Security and Privacy Policies ; Security Engineering ; Security in Information Systems ; Web Information Systems and Technologies

Abstract: Modern operating systems increasingly rely on enforcing mandatory access control through the use of security policies. Given the critical property of policy correctness in such systems, formal methods and models are applied for both specification and verification of these policies. Due to the heterogeneity of their respective semantics, this is an intricate and error-prone engineering process. However, diverse access control systems on the one hand and diverse formal criteria of correctness on the other hand have so far impeded a unifying framework for this task. This paper presents a step towards this goal. We propose to leverage core-based model engineering, a uniform approach to security policy formalization, and refine it by adding typical semantic abstractions of contemporary policy-controlled operating systems. This results in a simple, yet highly flexible framework for formalization, specification and analysis of operating system security policies. We substantiate this claim by applying our method to the SELinux system and practically demonstrate how to map policy semantics to an instance of the model. (More)

PDF ImageFull Text

Download
CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 100.24.122.228

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Amthor, P. (2015). A Uniform Modeling Pattern for Operating Systems Access Control Policies with an Application to SELinux.In Proceedings of the 12th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2015) ISBN 978-989-758-117-5, pages 88-99. DOI: 10.5220/0005551000880099

@conference{secrypt15,
author={Peter Amthor.},
title={A Uniform Modeling Pattern for Operating Systems Access Control Policies with an Application to SELinux},
booktitle={Proceedings of the 12th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2015)},
year={2015},
pages={88-99},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005551000880099},
isbn={978-989-758-117-5},
}

TY - CONF

JO - Proceedings of the 12th International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2015)
TI - A Uniform Modeling Pattern for Operating Systems Access Control Policies with an Application to SELinux
SN - 978-989-758-117-5
AU - Amthor, P.
PY - 2015
SP - 88
EP - 99
DO - 10.5220/0005551000880099

Login or register to post comments.

Comments on this Paper: Be the first to review this paper.