Entry Hicks:2010:LSA from tissec.bib
Last update: Sun Oct 15 02:58:48 MDT 2017
Top |
Symbols |
Numbers |
Math |
A |
B |
C |
D |
E |
F |
G |
H |
I |
J |
K |
L |
M |
N |
O |
P |
Q |
R |
S |
T |
U |
V |
W |
X |
Y |
Z
BibTeX entry
@Article{Hicks:2010:LSA,
author = "Boniface Hicks and Sandra Rueda and Luke {St. Clair}
and Trent Jaeger and Patrick McDaniel",
title = "A logical specification and analysis for {SELinux MLS}
policy",
journal = j-TISSEC,
volume = "13",
number = "3",
pages = "26:1--26:??",
month = jul,
year = "2010",
CODEN = "ATISBQ",
DOI = "https://doi.org/10.1145/1805874.1805982",
ISSN = "1094-9224 (print), 1557-7406 (electronic)",
ISSN-L = "1094-9224",
bibdate = "Wed Jul 28 14:57:15 MDT 2010",
bibsource = "http://portal.acm.org/;
http://www.math.utah.edu/pub/tex/bib/linux.bib;
http://www.math.utah.edu/pub/tex/bib/tissec.bib;
http://www.math.utah.edu/pub/tex/bib/unix.bib",
abstract = "The SELinux mandatory access control (MAC) policy has
recently added a multilevel security (MLS) model which
is able to express a fine granularity of control over a
subject's access rights. The problem is that the
richness of the SELinux MLS model makes it impractical
to manually evaluate that a given policy meets certain
specific properties. To address this issue, we have
modeled the SELinux MLS model, using a logical
specification and implemented that specification in the
Prolog language. Furthermore, we have developed some
analyses for testing information flow properties of a
given policy as well as an algorithm to determine
whether one policy is compliant with another. We have
implemented these analyses in Prolog and compiled our
implementation into a tool for SELinux MLS policy
analysis, called PALMS. Using PALMS, we verified some
important properties of the SELinux MLS reference
policy, namely that it satisfies the simple security
condition and $\star$-property defined by Bell and
LaPadula. We also evaluated whether the policy
associated to a given application is compliant with the
policy of the SELinux system in which it would be
deployed.",
acknowledgement = ack-nhfb,
articleno = "26",
fjournal = "ACM Transactions on Information and System Security",
journal-URL = "http://portal.acm.org/browse_dl.cfm?idx=J789",
keywords = "multilevel security; policy analysis; policy
compliance; SELinux",
}
Related entries
- able,
2(2)138,
9(2)181,
12(2)12,
12(3)17,
12(3)18,
13(3)22,
13(3)24,
13(3)28,
14(1)9,
16(3)10,
17(3)9,
17(3)10
- added,
2(1)3
- address,
2(1)65,
2(4)390,
10(2)8,
10(3)12,
11(1)4,
11(2)3,
11(3)12,
12(2)11,
13(3)22,
13(4)31,
13(4)38,
13(4)40,
14(1)3,
15(1)2,
15(2)6,
15(2)8,
16(3)11,
16(4)14,
17(1)1,
17(1)2,
17(1)4,
17(2)8,
17(3)11
- algorithm,
1(1)26,
2(1)3,
2(1)65,
2(1)105,
2(3)295,
9(2)162,
9(4)391,
9(4)421,
10(1)4,
10(4)3,
11(1)4,
11(3)12,
12(2)8,
12(3)17,
12(4)20,
13(1)10,
13(3)20,
13(3)22,
13(3)24,
13(3)27,
13(3)28,
13(4)36,
13(4)41,
14(1)3,
14(1)13,
14(3)25,
15(3)11,
15(4)15,
15(4)17,
16(1)4,
17(3)11,
17(4)13,
18(1)1,
18(1)4,
18(4)14
- analyse,
12(2)13,
16(4)17,
17(2)7,
17(4)16
- analysis,
1(1)66,
2(1)34,
2(2)138,
2(3)230,
2(3)332,
4(1)1,
6(4)443,
7(2)175,
7(4)489,
8(3)312,
9(3)292,
9(4)391,
10(1)2,
10(3)9,
10(3)10,
10(3)11,
10(4)2,
10(4)6,
11(2)3,
11(3)13,
11(3)15,
11(4)17,
11(4)18,
11(4)23,
12(1)4,
12(2)10,
12(3)16,
13(1)10,
13(3)25,
13(3)27,
13(4)41,
14(1)6,
14(1)8,
14(1)13,
14(2)15,
14(4)28,
15(3)14,
15(4)17,
15(4)18,
16(1)2,
16(1)4,
16(2)8,
16(3)10,
16(3)11,
16(4)14,
16(4)17,
17(1)1,
17(1)4,
17(2)7,
17(3)9,
17(4)14,
18(1)1,
18(1)4,
18(2)6
- another,
1(1)26,
1(1)66,
11(3)13,
11(3)14,
12(1)5,
12(3)18,
13(4)36,
15(3)12,
15(4)18,
18(1)1
- application,
1(1)66,
2(2)159,
2(2)177,
2(4)354,
4(2)103,
7(1)1,
7(1)97,
8(3)287,
9(1)1,
9(1)94,
10(1)2,
10(2)6,
10(4)3,
11(1)2,
11(1)3,
11(3)14,
11(3)16,
11(4)22,
12(1)2,
12(1)3,
12(2)11,
12(3)14,
12(4)21,
13(1)4,
13(1)10,
13(2)17,
13(3)22,
13(4)38,
13(4)39,
14(1)2,
14(1)3,
14(1)6,
14(1)8,
14(1)9,
14(2)19,
14(3)27,
15(1)2,
15(1)4,
16(1)1,
16(1)2,
16(2)6,
16(3)9,
16(4)13,
16(4)17,
17(2)5,
17(4)13,
18(3)10,
18(4)12
- associated,
1(1)26,
2(1)105,
10(4)2,
11(4)20,
12(3)18,
13(4)33,
15(3)13,
16(4)15
- called,
1(1)3,
1(1)66,
2(1)105,
2(2)177,
2(3)269,
10(1)4,
11(1)3,
11(3)14,
12(3)15,
13(1)10,
13(3)27,
14(1)13,
14(4)28,
15(1)2,
15(2)9,
15(4)18,
16(2)6,
17(1)2,
17(3)10,
17(4)16,
18(1)3
- certain,
10(2)5,
11(2)1,
11(4)22,
12(1)1,
12(1)6,
12(2)8,
12(4)20,
13(4)40,
15(2)9,
17(1)2,
17(3)10,
18(2)7
- compiled,
15(3)12
- condition,
1(1)26,
2(3)295,
10(4)1,
11(1)3,
11(2)2,
11(4)21,
12(2)11,
16(1)3,
17(1)2,
18(1)2,
18(2)5,
18(2)6
- defined,
2(1)105,
12(1)1,
13(1)10,
13(3)20,
14(3)25,
15(2)6,
16(1)4,
16(2)5,
17(1)3
- deployed,
10(3)11,
11(3)14,
14(3)23,
15(1)2,
15(2)6,
15(3)13,
15(4)16,
17(3)9,
18(1)1
- determine,
1(1)3,
11(2)3,
11(2)6,
11(3)16,
12(4)20,
13(4)38,
13(4)40,
14(1)2,
14(4)32,
16(2)5,
17(1)1,
17(2)8
- developed,
10(1)4,
10(2)7,
11(3)14,
12(1)4,
13(3)28,
14(1)6,
14(1)13,
15(3)13,
16(4)17,
17(1)3,
18(1)1,
18(2)8
- evaluate,
2(2)138,
2(4)354,
10(4)3,
11(2)3,
11(3)12,
11(3)14,
13(4)30,
13(4)35,
14(1)3,
15(3)13,
15(4)17,
16(1)2,
16(2)6,
17(1)1,
17(2)8,
17(4)14,
18(4)14
- evaluated,
10(4)3,
11(4)17,
15(4)17,
16(4)16,
16(4)17
- express,
2(1)65,
13(3)20
- flow,
1(1)26,
1(1)93,
10(2)7,
12(1)5,
12(2)11,
14(3)24,
15(1)2,
16(1)1,
16(2)6,
18(2)8
- furthermore,
2(3)295,
2(4)390,
10(4)2,
12(1)6,
12(4)20,
13(1)10,
13(3)28,
13(4)32,
13(4)40,
14(1)4,
15(2)6,
16(1)3,
17(2)7,
17(4)16
- given,
1(1)3,
1(1)93,
2(1)3,
2(1)105,
10(1)2,
10(2)5,
10(4)1,
11(2)3,
11(4)19,
11(4)20,
12(1)2,
12(1)5,
12(1)6,
12(3)14,
12(4)20,
13(1)10,
14(3)26,
15(2)10,
15(3)12,
15(4)15,
16(1)3,
16(1)4,
17(3)12
- granularity,
5(4)398,
10(1)2,
18(4)12
- has,
1(1)93,
2(1)105,
2(2)138,
2(3)230,
2(3)269,
2(3)332,
9(4)391,
10(1)3,
10(1)4,
10(3)10,
11(1)2,
11(2)2,
11(3)14,
11(4)17,
11(4)19,
11(4)22,
11(4)23,
12(1)2,
12(2)9,
12(2)10,
12(3)15,
12(4)22,
13(3)20,
13(3)25,
13(3)27,
13(3)28,
13(4)36,
14(1)3,
14(1)12,
14(1)14,
14(3)26,
14(4)28,
15(1)2,
15(2)6,
15(2)10,
15(3)12,
16(2)8,
16(4)14,
17(1)2,
17(1)3,
17(3)9,
17(3)11,
17(4)14,
17(4)15,
17(4)16,
18(2)7,
18(3)11,
18(4)14
- have,
1(1)66,
1(1)93,
2(1)65,
2(2)138,
2(3)230,
2(3)269,
10(1)2,
10(1)4,
10(2)5,
10(3)10,
10(3)12,
10(4)4,
10(4)5,
10(4)6,
11(1)2,
11(2)1,
11(2)5,
11(3)15,
11(3)16,
11(4)17,
11(4)18,
11(4)21,
12(1)1,
12(1)2,
12(2)10,
12(2)13,
12(3)15,
12(3)16,
12(3)17,
12(4)20,
13(3)20,
13(3)27,
13(3)28,
13(4)32,
13(4)36,
13(4)39,
13(4)40,
14(1)6,
14(1)7,
14(1)10,
14(1)13,
14(1)14,
14(3)27,
14(4)28,
14(4)29,
15(2)7,
15(2)9,
15(2)10,
15(3)12,
15(4)18,
16(2)7,
16(2)8,
16(3)10,
16(4)15,
16(4)16,
17(1)3,
17(3)11,
17(3)12,
17(4)13,
17(4)15,
18(1)1,
18(1)3,
18(2)5,
18(2)7,
18(4)13
- Hicks, Boniface,
11(3)16
- implementation,
1(1)3,
1(1)26,
1(1)66,
2(1)34,
2(2)177,
2(4)390,
2(4)416,
7(2)319,
11(1)2,
11(1)3,
11(1)4,
11(3)16,
11(4)18,
11(4)22,
12(1)1,
12(2)10,
12(2)11,
12(3)14,
12(4)22,
13(1)4,
13(3)27,
14(1)3,
15(1)3,
15(2)8,
15(3)13,
15(4)16,
16(1)1,
16(1)2,
16(3)9,
16(3)10,
16(3)11,
16(4)13,
17(2)5,
17(2)8,
18(1)2,
18(1)3,
18(1)4
- implemented,
2(3)269,
10(1)4,
11(2)5,
12(1)1,
14(1)8,
14(3)27,
15(4)16,
15(4)18,
17(2)5,
17(3)10,
17(3)11,
17(4)13,
18(2)6
- important,
1(1)3,
1(1)66,
2(3)295,
10(2)8,
11(3)14,
11(4)18,
11(4)20,
12(1)4,
13(3)27,
13(4)36,
14(4)28,
15(3)12,
15(4)18,
16(1)4,
17(3)11
- impractical,
14(4)29,
17(1)2
- issue,
1(1)66,
2(1)65,
2(4)354,
8(4)349,
10(1)1,
10(3)12,
11(1)2,
12(1)5,
12(2)7,
12(3)15,
12(4)22,
13(1)1,
13(2)11,
13(3)22,
13(4)32,
15(1)1,
15(2)7,
16(2)7,
16(3)12,
17(1)1,
17(1)2
- Jaeger, Trent,
2(2)177,
4(2)158,
6(3)327,
7(2)175
- language,
2(1)65,
9(4)391,
9(4)421,
10(1)3,
10(2)8,
11(1)2,
11(1)4,
11(4)21,
12(1)1,
12(2)12,
13(3)20,
13(3)24,
13(3)28,
14(1)9,
15(1)2,
15(2)8,
16(1)3,
16(3)9,
16(4)17,
17(1)2,
17(1)3
- logical,
6(1)71,
10(1)2,
10(1)4,
11(4)18,
15(2)7,
16(4)17
- MAC,
11(4)19,
14(3)24,
18(2)6
- make,
2(3)332,
9(1)31,
10(1)2,
10(3)11,
10(4)6,
11(1)4,
11(3)13,
11(3)14,
11(4)22,
11(4)23,
12(1)1,
12(3)15,
13(3)22,
13(3)28,
13(4)35,
14(4)29,
15(1)3,
15(1)4,
15(4)17,
16(3)10,
17(3)10,
18(1)1,
18(2)7,
18(4)13
- mandatory,
3(2)85,
14(3)24,
18(2)6
- manually,
12(2)10
- McDaniel, Patrick,
9(3)259,
11(3)16
- meet,
2(2)138,
17(3)10
- modeled,
12(3)18,
15(3)13,
18(2)7
- multilevel,
1(1)93,
4(4)321
- namely,
12(2)13,
13(1)10,
17(3)12,
18(1)4,
18(2)5
- one,
1(1)26,
1(1)93,
2(1)3,
2(1)65,
2(3)295,
9(4)461,
10(1)2,
10(2)5,
10(2)8,
10(3)12,
10(4)3,
11(2)6,
11(3)14,
12(1)1,
12(1)5,
12(2)13,
12(3)14,
13(3)21,
13(3)25,
13(3)27,
13(4)41,
14(1)3,
14(1)5,
14(4)30,
14(4)32,
15(2)10,
15(3)11,
15(4)16,
15(4)18,
16(1)3,
16(1)4,
16(3)9,
16(4)14,
17(2)8,
17(4)13,
18(1)1,
18(3)11,
18(4)13
- problem,
1(1)3,
2(3)269,
2(3)295,
5(3)238,
9(2)162,
9(4)391,
10(2)5,
10(2)8,
10(3)9,
10(3)10,
10(3)12,
10(4)1,
10(4)3,
11(2)2,
11(3)12,
11(3)15,
11(4)19,
12(1)2,
12(1)6,
12(2)9,
12(3)18,
12(4)20,
13(3)22,
13(3)27,
13(4)33,
13(4)36,
13(4)40,
14(3)25,
14(4)31,
15(4)15,
15(4)18,
16(1)3,
16(1)4,
16(3)11,
16(4)15,
17(2)8,
17(3)11,
17(4)15,
18(1)3
- property,
1(1)66,
1(1)93,
2(1)34,
2(2)177,
9(4)391,
10(1)2,
10(2)7,
10(2)8,
10(3)9,
11(1)2,
11(3)12,
11(3)13,
12(1)2,
12(1)3,
12(2)8,
12(2)9,
12(3)14,
12(3)18,
12(3)19,
12(4)21,
13(4)41,
14(2)16,
15(1)4,
15(2)9,
15(2)10,
15(3)14,
15(4)18,
16(1)3,
16(2)5,
17(1)3,
17(1)4,
18(1)3,
18(2)6,
18(2)8,
18(4)12
- recently,
2(4)416,
9(2)181,
13(3)28,
13(4)37,
14(3)27,
15(1)2,
15(2)7,
16(3)10,
16(4)14,
16(4)17,
17(4)14,
17(4)16,
18(1)1
- reference,
2(1)3,
2(1)34,
9(2)181,
16(1)4,
18(1)4
- right,
2(2)177,
11(4)21
- satisfy,
1(1)93,
10(2)5,
11(1)2,
12(3)18,
12(4)20,
15(3)13,
16(1)4,
18(2)6
- SELinux,
14(2)19
- simple,
2(3)230,
5(3)203,
9(2)181,
10(1)4,
10(3)11,
12(2)9,
12(2)13,
12(3)18,
12(4)21,
12(4)22,
13(4)33,
14(3)27,
15(2)9,
15(4)17,
17(1)2,
18(1)1
- specific,
1(1)26,
10(2)6,
10(4)3,
10(4)4,
11(4)19,
12(1)6,
14(1)5,
14(1)9,
15(2)6,
16(3)10,
18(1)2
- specification,
1(1)26,
2(1)65,
2(2)177,
3(4)207,
6(4)501,
8(2)187,
8(4)351,
10(2)7,
10(2)8,
10(3)9,
10(4)2,
11(1)4,
11(4)19,
13(3)24,
14(3)24,
15(3)13,
15(4)16,
16(1)3,
16(1)4,
16(4)13,
17(2)5,
17(4)16,
18(2)7,
18(2)8
- subject,
1(1)26,
9(2)162,
9(4)421,
11(1)3,
11(1)4,
11(3)12,
14(1)7,
15(3)12,
17(1)2,
17(4)14,
18(2)5
- testing,
3(4)262,
12(1)4,
12(3)14,
15(1)3,
16(2)8,
17(2)5
- tool,
1(1)66,
2(3)332,
2(4)390,
7(2)274,
9(2)181,
10(4)2,
12(2)10,
13(3)24,
13(4)30,
13(4)40,
14(1)6,
15(1)3,
15(4)18,
16(1)4,
16(2)7,
17(2)7,
18(1)1,
18(1)4
- using,
2(2)138,
2(2)177,
2(3)332,
4(3)289,
6(2)258,
6(3)327,
9(2)113,
9(2)162,
9(2)181,
9(3)292,
9(3)325,
9(4)461,
10(1)4,
10(2)8,
10(3)11,
10(4)3,
10(4)6,
11(1)2,
11(2)1,
11(2)2,
11(2)3,
11(3)14,
11(4)19,
11(4)21,
12(2)10,
12(2)11,
13(1)2,
13(1)8,
13(3)20,
13(4)31,
13(4)35,
13(4)39,
14(1)3,
14(1)12,
14(1)14,
14(3)27,
15(1)2,
15(3)11,
15(3)12,
15(4)15,
15(4)17,
16(1)1,
16(1)2,
16(1)4,
16(2)5,
16(2)6,
16(3)10,
16(4)17,
17(1)1,
17(2)5,
17(3)10,
17(3)11,
17(4)13,
17(4)14,
17(4)16,
18(2)7,
18(2)8,
18(3)10,
18(3)11,
18(4)14
- verified,
2(3)332,
9(2)138,
15(1)3,
15(3)11,
16(4)17,
18(2)7
- well,
1(1)93,
10(1)2,
10(2)8,
10(3)11,
10(3)12,
11(1)3,
11(1)4,
11(2)5,
11(3)15,
12(1)1,
12(1)3,
12(1)5,
12(2)10,
13(1)10,
14(1)3,
14(1)5,
14(1)14,
14(3)23,
15(3)12,
15(4)15,
15(4)16,
15(4)18,
16(2)8,
17(3)9,
17(3)10,
17(3)11,
18(1)3,
18(2)5
- whether,
1(1)3,
1(1)26,
10(2)5,
10(4)2,
10(4)5,
11(2)3,
11(2)6,
11(3)16,
12(1)1,
12(4)20,
13(4)40,
14(3)25,
14(4)32,
16(1)3,
16(1)4,
17(1)1,
17(1)2
- would,
2(2)159,
10(4)1,
12(2)13,
12(4)22,
15(2)6,
15(2)10,
16(2)8,
17(3)11,
18(3)9