Towards a Formal Model for Security Policies Specification and Validation in the SELinux System

Giorgio Zanin; Luigi Vincenzo Mancini

首页> 外文期刊>ACM Symposium on Access Control Models and Technologies >Towards a Formal Model for Security Policies Specification and Validation in the SELinux System

【24h】

Towards a Formal Model for Security Policies Specification and Validation in the SELinux System

机译：建立SELinux系统中安全策略规范和验证的正式模型

获取原文

获取原文并翻译 | 示例

掌桥外文数据库（机构版） >>

开具论文收录证明 >>

文献代查 >>

页面导航

摘要
著录项
相似文献
相关主题

摘要

This paper presents a formal model, called SELAC, for analyzing an arbitrary security policy configuration for the SELinux system. A security policy for SELinux is complex and large: it is made by many configuration rules that refer to the access control submodels implemented in the system. Among the rules composing a security policy configuration, many relationships occur and it is extremely difficult to understand their overall effects in the system. Our aim is to define semantics for the constructs of the SELinux configuration language and to model the relationships occurring among sets of configuration rules. Finally, we develop an algorithm based upon SELAC, which can verify whether, given an arbitrary security policy configuration, a given subject can access a given object in a given mode.

机译：本文提出了一种称为SELAC的正式模型，用于分析SELinux系统的任意安全策略配置。 SELinux的安全策略复杂而又庞大：它是由许多配置规则制定的，这些配置规则引用了系统中实现的访问控制子模型。在组成安全策略配置的规则中，发生了许多关系，并且很难理解它们在系统中的整体效果。我们的目标是为SELinux配置语言的构造定义语义，并为配置规则集之间发生的关系建模。最后，我们开发了一种基于SELAC的算法，该算法可以验证在给定任意安全策略配置的情况下，给定的主体是否可以给定的模式访问给定的对象。

著录项

来源
《ACM Symposium on Access Control Models and Technologies》 |2004年第2004suppla期|共10页
作者
Giorgio Zanin; Luigi Vincenzo Mancini;
展开▼
作者单位

展开▼
收录信息
原文格式 PDF
正文语种 eng
中图分类计算技术、计算机技术;
关键词
Security Enhanced Linux; Configuration; Formal Model;

机译：安全增强型Linux;配置;正式模型;

相似文献

外文文献
中文文献
专利

1. Towards a Formal Model for Security Policies Specification and Validation in the SELinux System [J] . Giorgio Zanin, Luigi Vincenzo Mancini ACM Symposium on Access Control Models and Technologies . 2004,第2004Suppla期

机译：建立SELinux系统中安全策略规范和验证的正式模型
2. Formal validation of automated policy refinementin the management of network security systems [J] . Joao Porto de Albuquerque, Heiko Krumm, Paulo Licio de Geus International Journal of Information Security . 2010,第2期

机译：正式验证网络安全系统管理中的自动策略优化
3. Specification and validation of a security policy model [J] . Boswell A. IEEE Transactions on Software Engineering . 1995,第2期

机译：规范和验证安全策略模型
4. Towards a formal model for security policies specification and validation in the selinux system [C] . Giorgio Zanin, Luigi Vincenzo Mancini ACM symposium on Access control models and technologies . 2004

机译：建立selinux系统中安全策略规范和验证的正式模型
5. Combining semi-formal and formal notations in software specification: An approach to modelling time-constrained systems. [D] . Dascalu, Sergiu-Mihai. 2001

机译：在软件规范中结合半正式和正式的符号：一种建模时间受限系统的方法。
6. Formal Specification and Validation of a Hybrid Connectivity Restoration Algorithm for Wireless Sensor and Actor Networks [O] . Muhammad Imran, Nazir Ahmad Zafar 2012

机译：无线传感器和Actor网络的混合连接性恢复算法的正式规范和验证
7. Formal specification and validation of security policies [O] . Tony Bourdier, Horatiu Cirstea, Mathieu Jaume, 2016

机译：安全策略的正式规范和验证
8. Agent-Based Model of Information Security System: Architecture and Formal Framework for Coordinated Intelligent Agents Behavior Specification. [R] . Gorodetski, V. 2001

机译：基于agent的信息安全系统模型：协调智能代理行为规范的体系结构和形式框架。

Towards a Formal Model for Security Policies Specification and Validation in the SELinux System

摘要

著录项

相似文献

相关主题

期刊订阅