NETRA: Seeing through access control

Proceedings of the Fourth ACM Workshop on Formal Methods in Security Engineering, FMSE'06. A workshop held in conjuction with the 13th ACM Conference on Computer and Communications Security, CCS'06

Volumn , Issue , 2006, Pages 55-66

  Naldurg, Prasad ^a   Schwoon, Stefan ^b   Rajamani, Sriram ^a   Lambert, John ^c  

^a MICROSOFT RESEARCH   (United States)

^b UNIVERSITY OF STUTTGART   (Germany)

^c MICROSOFT   (United States)

Author keywords

Privilege escalation; Static analysis; Vulnerability reports

Indexed keywords

DATA FLOW ANALYSIS; INFORMATION THEORY; LOGIC PROGRAMMING; MATHEMATICAL MODELS; SEMANTICS; STATIC ANALYSIS;

ACCESS-CONTROL CONFIGURATIONS; PRIVILEGE ESCALATION; VULNERABILITY REPORTS;

ACCESS CONTROL;

EID: 34547327908     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/1180337.1180343     Document Type: Article

References (20)

1. BELL, D., AND LAPADULA, D. Secure computer systems: Mathematical foundations. Tech. rep., MTR-2547, Volume I, Mitre Corporation, 1993.
2. BISHOP, M., AND SNYDER, L. The transfer of information and authority in a protection system. In Proc. SOSP (1979), ACM Press, pp. 45-54.
3. CHEN, S., DUNAGAN, J., VERBOWSKI, C., AND WANG, Y.-M. A black-box tracing technique to identify causes of least-privilege incompatibilities. In Proc. NDSS (2005).
4. GOVINDAVAJHALA, S., AND APPEL, A. Windows access control demystified. Tech. rep., Princeton University, 2006.
5. GUTTMAN, J. D., HERZOG, A. L., RAMSDELL, J. D., AND SKORUPKA, C. W. Verifying information flow goals in Security-Enhanced Linux. J. Comput. Secur. 13, 1 (2005), 115-134.
6. HARRISON, M. A., RUZZO, W. L., AND ULLMAN, J. D. Protection in operating systems. Commun. ACM 19, 8 (1976), 461-471.
7. HERZOG, A., AND GUTTMAN, J. Achieving security goals with Security-Enhanced Linux. Tech. rep., Mitre Corporation, 2002.
8. HINRICHS, S., AND NALDURG, P. Attack-based domain transition analysis. In 2nd Annual Security Enhanced Linux Symposium (2006).
9. JAEGER, T., ZHANG, X., AND CACHEDA, F. Policy management using access control spaces. ACM Trans. Inf. Syst. Secur. 6, 3 (2003), 327-364.
10. LAMBERT, J. Security analysis. Personal communication.
11. LIPTON, R. J., AND SNYDER, L. A linear time algorithm for deciding subject security. J. ACM 24, 3 (1977), 455-464.
12. LOSCOCCO, P. A., SMALLEY, S. D., MUCKELBAUER, P. A., TAYLOR, R. C., TURNER, S. J., AND FARRELL, J. F. The inevitability of failure: The flawed assumption of security in modern computing environments. In Proc. NISSC (1998).
13. MCLEAN, J. A comment on the 'basic security theorem' of Bell and LaPadula. Inf. Process. Lett. 20, 2 (1985), 67-70.
14. MCLEAN, J. The specification and modeling of computer security. Computer 23, 1 (1990), 9-16.
15. RAMAKRISHNAN, R., AND GEHRKE, J. Database Management Systems. McGraw-Hill Science/Engineering/Math, 2002.
16. RUSINOVICH, M. E., AND SOLOMON, D. A. Microsoft Windows Internals, Fourth Edition: Microsoft Windows Server 2003, Windows XP, and Windows 2000. Microsoft Press, 2005.
17. SANDHU, R. S. Lattice-based access control models. Computer 26, 11 (1993), 9-19.
18. SMALLEY, S. Configuring the SELinux Policy. NAI Laboratories, 2005.
19. SYME, D. F#. http://research.microsoft.com/fsharp/fsharp.aspx.
20. TRESYS TECHNOLOGY. Apol:SE Policy Tools for SELinux. http://www.tresys.com/selinux/selinux_policy_tools.shtml.