Information Tools for Security Protection

摘要

This report describes the three tools built for the Information Security Tools project. Each of these tools provides a way of helping a user uncover potential security problems arising from the composition of parts of a system. The intent of this work was to provide tools usable by trained, but not necessarily expert, security personnel. The System Security Analysis Tool helps a user to model and analyze the security of systems. It provides a way to combine a security analysis of a generic architecture with the specific requirements of a particular system. The Application System Call Analysis Tool is used to identify a trusted application's system calls, and display potential problems or limitations associated with those calls. It is intended for use with an HP-CMW. The Application Installation Analysis Tool is used to check the access-control policy of a trusted application on an HP-CMW using a vendor's abstract policy, installation parameters, and the current state of the system. It provides a way of identifying differences between the way an access control policy is implemented and the vendor's policy.