Toward Automated Information-Flow Integrity Verification for Security-Critical Applications

Proceedings of the Symposium on Network and Distributed System Security, NDSS 2006

Volumn , Issue , 2006, Pages

  Shankar, Umesh ^a   Jaeger, Trent ^b   Sailer, Reiner ^c  

^a UNIVERSITY OF CALIFORNIA   (United States)

^b PENNSYLVANIA STATE UNIVERSITY   (United States)

^c IBM T J WATSON RESEARCH CENTER   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

AUTOMATION; INFORMATION FILTERING; NETWORK SECURITY; VERIFICATION;

AUTOMATED INFORMATION; AUTOMATED SYSTEMS; CLARK-WILSON; INFORMATION FLOWS; INTEGRITY MODELS; INTEGRITY VERIFICATIONS; MISCONFIGURATIONS; PROPERTY; SECURITY CRITICAL APPLICATIONS; SELINUX;

SEMANTICS;

EID: 79955682848     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: None     Document Type: Conference Paper

References (27)

1. D. Bell and L. La Padula. Secure Computer Systems: Mathematical Foundations (Volume 1). Technical Report ESD-TR-73-278, Mitre Corporation, 1973.
2. K. J. Biba. Integrity considerations for secure computer systems. Technical Report MTR-3153, Mitre Corporation, Mitre Corp, Bedford MA, June 1975.
3. th USENIX Security Symposium, August 2003
4. th National Computer Security Conference, Gaithersburg, Maryland, 1985.
5. th USENIX Security Symposium, August 2004.
6. th USENIX Security Symposium, August 2004.
7. D. . Clark and D. R. Wilson. A comparison of commercial and military computer security policies. In Proceedings of the 1987 IEEE Symposium on Security and Privacy, May 1987.
8. D. E Denning. A Lattice Model of Secure Information Flow. In Communications of the ACM, vol. 19, no. 5 (May 1976), pp. 236-243.
9. J. Dyer, M. Lindemann, R. Perez, R. Sailer, S. W. Smith, L. van Doorn, and S. Weingart. Building the IBM 4758 secure coprocessor. IEEE Computer, (34)10:57-66, October 2001.
10. D. Evans and D. Larochelle. Improving security using extensible lightweight static analysis. IEEE Software, Jan/Feb 2002.
11. P. England, B. Lampson, J. Manferdelli, M. Peinado, and B. Willman. A trusted open platform. IEEE Computer, pp. 55-62, July 2003.
12. T. Fraser. LOMAC: Low Water-Mark integrity protection for COTS environments. In Proceedings of the 2000 IEEE Symposium on Security and Privacy, May 2000.
13. J. Guttman, A. Herzog, and J. Ramsdell. Information flow in operating systems: Eager formal methods. In Workshop on Issues in the Theory of Security (WITS), 2003.
14. T. Jaeger and A. Edwards and X. Zhang. Policy management using access control spaces. ACM Transactions on Information and System Security (TISSEC), 6(3), August 2003.
15. th USENIX Security Symposium, August 2003.
16. th ACM Symposium on Access Control Models and Technologies, June 2004.
17. D. Kilpatrick. Privman: A library for partitioning applications. In Proceedings of the USENIX 2003 Annual Technical Conference, FREENIX Track, April 2003.
18. P. Li and S. Zdancewic. “Downgrading Policies and Relaxed Noninterference”. In Proceedings of the 2005 Symposium on Principles of Programming Languages, January 2005.
19. A. C. Myers and B. Liskov. Complete, safe information flow with decentralized labels. In Proceedings of the 1998 IEEE Symposium on Security and Privacy, May 1998.
20. NIST, Computer Security Division. Common criteria for IT security evaluation. Available from csrc. nist.gov/cc/, 2004.
21. th USENIX Security Symposium, August 2003.
22. th European Symposium on Research in Computer Security (ESORICS), 2000.
23. National Security Agency. Security-Enhanced Linux (SELinux). http://www.nsa.gov/selinux, 2001.
24. th European Symposium on Research in Computer Security (ESORICS), 2002.
25. Tresys Technology. Security-Enhanced Linux research. www.tresys.com/selinux.html, 2004.
26. th USENIX Security Symposium, August 2002.
27. th USENIX Security Symposium, August 2002.