Maia: A Language for Mandatory Integrity Controls of Structured Data

Wassnaa Al-Mawee; Paul Bonamy; Steve Carr; Jean Mayo

doi:10.5220/0007344802570265

Maia: A Language for Mandatory Integrity Controls of Structured Data

Wassnaa Al-Mawee, Paul Bonamy, Steve Carr, Jean Mayo

2019

Abstract

The integrity of systems files is necessary for the secure functioning of an operating system. Integrity is not generally discussed in terms of complete computer systems. Instead, integrity issues tend to be either tightly coupled to a particular domain (e.g. database constraints), or else so broad as to be useless except after the fact (e.g. backups). Often, file integrity is determined by who modifies the file or by a checksum. This paper focuses on a general model of the internal integrity of a file. Even if a file is modified by a subject with trust or has a valid checksum, it may not meet the specification of a valid file. An example would be a password file with no user assigned a user id of 0. In this paper, we describe a language called Maia that provides a means to specify what the contents of a valid file should be. Maia can be used to specify the format and valid properties of system configuration files, PNG files and others. We give a structural operational semantics of Maia and discuss an initial implementation within a mandatory integrity system.

Download

Paper Citation

in Harvard Style

Al-Mawee W., Bonamy P., Carr S. and Mayo J. (2019). Maia: A Language for Mandatory Integrity Controls of Structured Data.In Proceedings of the 5th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP, ISBN 978-989-758-359-9, pages 257-265. DOI: 10.5220/0007344802570265

in Bibtex Style

@conference{icissp19,
author={Wassnaa Al-Mawee and Paul Bonamy and Steve Carr and Jean Mayo},
title={Maia: A Language for Mandatory Integrity Controls of Structured Data},
booktitle={Proceedings of the 5th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,},
year={2019},
pages={257-265},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0007344802570265},
isbn={978-989-758-359-9},
}

in EndNote Style

TY - CONF

JO - Proceedings of the 5th International Conference on Information Systems Security and Privacy - Volume 1: ICISSP,
TI - Maia: A Language for Mandatory Integrity Controls of Structured Data
SN - 978-989-758-359-9
AU - Al-Mawee W.
AU - Bonamy P.
AU - Carr S.
AU - Mayo J.
PY - 2019
SP - 257
EP - 265
DO - 10.5220/0007344802570265