Analyzing integrity protection in the SELinux example policy

Proceedings of the 12th USENIX Security Symposium

Volumn , Issue , 2003, Pages 59-74

  Jaeger, Trent ^a   Sailer, Reiner ^a   Zhang, Xiaolan ^a  

^a IBM T J WATSON RESEARCH CENTER   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

ACCESS CONTROL; SEMANTICS;

ACCESS CONTROL MODELS; CLARK-WILSON; INTEGRITY POLICY; INTEGRITY PROTECTION; POLICY ANALYSIS; SECURITY GOALS; SITE SECURITY; TRUSTED COMPUTING BASE;

COMPUTER OPERATING SYSTEMS;

EID: 85077749236     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: None     Document Type: Conference Paper

References (23)

1. L. Badger, D. F. Sterne, D. L. Sherman, K. M. Walker, and S. A. Haghighat. A Domain and Type Enforcement UNIX Prototype. In Proceedings of the 1995 USENIX Security Symposium, 1995. Also available from TIS online archives.
2. D. Bell and L. La Padula. Secure Computer Systems: Mathematical Foundations (Volume 1). Technical Report ESD-TR-73-278, Mitre Corporation, 1973.
3. E. Bertino, B. Catania, E. Ferrari, and P. Perlasca. A logical framework for reasoning about access control models. ACM Transactions on Information and System Security (TISSEC), 5(4), Nov 2002.
4. K. J. Biba. Integrity considerations for secure computer systems. Technical Report MTR-3153, Mitre Corporation, Mitre Corp, Bedford MA, June 1975.
5. th National Computer Security Conference, Gaithersburg, Maryland, 1985.
6. D. D. Clark and D. R. Wilson. A comparison of commercial and military computer security policies. Proceedings of the 1987 IEEE Symposium on Security and Privacy, 1987.
7. A. Herzog. Personal communication. November 2002.
8. E. Ferrari and B. Thuraisingham. Secure database systems. In O. Diaz and M. Piattini, editors, Advanced Databases: Technology and Design, 2000.
9. T. Fraser. LOMAC: Low Water-Mark Integrity Protection for COTS Environments. In Proceedings of the 2000 IEEE Symposium on Security and Privacy, May 2000.
10. M. A. Harrison, W L. Ruzzo, and J. D. Ullman. Protection in operating systems. Communications of the ACM, 19(8), August 1976.
11. T. Jaeger and J. E. Tidswell. Practical safety in flexible access control models. ACM Transactions on Information and System Security (TISSEC), 4(2), May 2001.
12. th ACM Symposium on Access Control Models and Technologies, June 2002.
13. T. Jaeger, A. Edwards, and X. Zhang. Policy management using access control spaces. ACM Transactions on Information and System Security (TISSEC), to appear.
14. S. Jajodia, P. Samarati and V. Subrahmanian. A Logical Language for Expressing Authorizations. Proceedings of the IEEE Symposium on Security and Privacy, 1997.
15. P. Karger and R. Schell. Thirty years later: Lessons from the Multics security evaluation. IBM Technical Report, RC 22534, Revision 2, September 2002.
16. st National Information Systems Security Conference, October 1998.
17. S. Minear. Providing policy control over objects in a Mach-based system. Proceedings of the Fifth USENIX Security Symposium, 1995.
18. National Security Agency. Security-Enhanced Linux (SELinux). http://www.nsa.gov/selinux, 2001.
19. W Salamon. Core policy, second pass. SELinux mailing list archives, http://www.nsa.gov/selinux/list-archive/3941.html, 2003.
20. S. Smalley. Configuring the SELinux policy. NAI Labs Report #02-007, available at www.nsa.gov/selinux, June 2002.
21. R. Spencer, S. Smalley, P. Loscocco, M. Hibler, and J. Lapreau. The Flask security architecture: System support for diverse policies. Proceedings of the Eighth USENIX Security Symposium, August 1999.
22. C. Wright, C. Cowan, S. Smalley, J. Morris, and G. Kroah-Hartman. Linux Security Modules: General security support for the Linux kernel. Proceedings of the Eleventh USENIX Security Symposium, August 2002.
23. Tresys Technology. Security-Enhanced Linux research. www.tresys.com/selinux.html, 2001.