Entry Hicks:2010:LSA from tissec.bib

Last update: Sun Oct 15 02:58:48 MDT 2017

Index sections

Top | Symbols | Numbers | Math | A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z

BibTeX entry

@Article{Hicks:2010:LSA,
  author =       "Boniface Hicks and Sandra Rueda and Luke {St. Clair}
                 and Trent Jaeger and Patrick McDaniel",
  title =        "A logical specification and analysis for {SELinux MLS}
                 policy",
  journal =      j-TISSEC,
  volume =       "13",
  number =       "3",
  pages =        "26:1--26:??",
  month =        jul,
  year =         "2010",
  CODEN =        "ATISBQ",
  DOI =          "https://doi.org/10.1145/1805874.1805982",
  ISSN =         "1094-9224 (print), 1557-7406 (electronic)",
  ISSN-L =       "1094-9224",
  bibdate =      "Wed Jul 28 14:57:15 MDT 2010",
  bibsource =    "http://portal.acm.org/;
                 http://www.math.utah.edu/pub/tex/bib/linux.bib;
                 http://www.math.utah.edu/pub/tex/bib/tissec.bib;
                 http://www.math.utah.edu/pub/tex/bib/unix.bib",
  abstract =     "The SELinux mandatory access control (MAC) policy has
                 recently added a multilevel security (MLS) model which
                 is able to express a fine granularity of control over a
                 subject's access rights. The problem is that the
                 richness of the SELinux MLS model makes it impractical
                 to manually evaluate that a given policy meets certain
                 specific properties. To address this issue, we have
                 modeled the SELinux MLS model, using a logical
                 specification and implemented that specification in the
                 Prolog language. Furthermore, we have developed some
                 analyses for testing information flow properties of a
                 given policy as well as an algorithm to determine
                 whether one policy is compliant with another. We have
                 implemented these analyses in Prolog and compiled our
                 implementation into a tool for SELinux MLS policy
                 analysis, called PALMS. Using PALMS, we verified some
                 important properties of the SELinux MLS reference
                 policy, namely that it satisfies the simple security
                 condition and $\star$-property defined by Bell and
                 LaPadula. We also evaluated whether the policy
                 associated to a given application is compliant with the
                 policy of the SELinux system in which it would be
                 deployed.",
  acknowledgement = ack-nhfb,
  articleno =    "26",
  fjournal =     "ACM Transactions on Information and System Security",
  journal-URL =  "http://portal.acm.org/browse_dl.cfm?idx=J789",
  keywords =     "multilevel security; policy analysis; policy
                 compliance; SELinux",
}

Related entries

able, 2(2)138, 9(2)181, 12(2)12, 12(3)17, 12(3)18, 13(3)22, 13(3)24, 13(3)28, 14(1)9, 16(3)10, 17(3)9, 17(3)10
added, 2(1)3
address, 2(1)65, 2(4)390, 10(2)8, 10(3)12, 11(1)4, 11(2)3, 11(3)12, 12(2)11, 13(3)22, 13(4)31, 13(4)38, 13(4)40, 14(1)3, 15(1)2, 15(2)6, 15(2)8, 16(3)11, 16(4)14, 17(1)1, 17(1)2, 17(1)4, 17(2)8, 17(3)11
algorithm, 1(1)26, 2(1)3, 2(1)65, 2(1)105, 2(3)295, 9(2)162, 9(4)391, 9(4)421, 10(1)4, 10(4)3, 11(1)4, 11(3)12, 12(2)8, 12(3)17, 12(4)20, 13(1)10, 13(3)20, 13(3)22, 13(3)24, 13(3)27, 13(3)28, 13(4)36, 13(4)41, 14(1)3, 14(1)13, 14(3)25, 15(3)11, 15(4)15, 15(4)17, 16(1)4, 17(3)11, 17(4)13, 18(1)1, 18(1)4, 18(4)14
analyse, 12(2)13, 16(4)17, 17(2)7, 17(4)16
analysis, 1(1)66, 2(1)34, 2(2)138, 2(3)230, 2(3)332, 4(1)1, 6(4)443, 7(2)175, 7(4)489, 8(3)312, 9(3)292, 9(4)391, 10(1)2, 10(3)9, 10(3)10, 10(3)11, 10(4)2, 10(4)6, 11(2)3, 11(3)13, 11(3)15, 11(4)17, 11(4)18, 11(4)23, 12(1)4, 12(2)10, 12(3)16, 13(1)10, 13(3)25, 13(3)27, 13(4)41, 14(1)6, 14(1)8, 14(1)13, 14(2)15, 14(4)28, 15(3)14, 15(4)17, 15(4)18, 16(1)2, 16(1)4, 16(2)8, 16(3)10, 16(3)11, 16(4)14, 16(4)17, 17(1)1, 17(1)4, 17(2)7, 17(3)9, 17(4)14, 18(1)1, 18(1)4, 18(2)6
another, 1(1)26, 1(1)66, 11(3)13, 11(3)14, 12(1)5, 12(3)18, 13(4)36, 15(3)12, 15(4)18, 18(1)1
application, 1(1)66, 2(2)159, 2(2)177, 2(4)354, 4(2)103, 7(1)1, 7(1)97, 8(3)287, 9(1)1, 9(1)94, 10(1)2, 10(2)6, 10(4)3, 11(1)2, 11(1)3, 11(3)14, 11(3)16, 11(4)22, 12(1)2, 12(1)3, 12(2)11, 12(3)14, 12(4)21, 13(1)4, 13(1)10, 13(2)17, 13(3)22, 13(4)38, 13(4)39, 14(1)2, 14(1)3, 14(1)6, 14(1)8, 14(1)9, 14(2)19, 14(3)27, 15(1)2, 15(1)4, 16(1)1, 16(1)2, 16(2)6, 16(3)9, 16(4)13, 16(4)17, 17(2)5, 17(4)13, 18(3)10, 18(4)12
associated, 1(1)26, 2(1)105, 10(4)2, 11(4)20, 12(3)18, 13(4)33, 15(3)13, 16(4)15
called, 1(1)3, 1(1)66, 2(1)105, 2(2)177, 2(3)269, 10(1)4, 11(1)3, 11(3)14, 12(3)15, 13(1)10, 13(3)27, 14(1)13, 14(4)28, 15(1)2, 15(2)9, 15(4)18, 16(2)6, 17(1)2, 17(3)10, 17(4)16, 18(1)3
certain, 10(2)5, 11(2)1, 11(4)22, 12(1)1, 12(1)6, 12(2)8, 12(4)20, 13(4)40, 15(2)9, 17(1)2, 17(3)10, 18(2)7
compiled, 15(3)12
condition, 1(1)26, 2(3)295, 10(4)1, 11(1)3, 11(2)2, 11(4)21, 12(2)11, 16(1)3, 17(1)2, 18(1)2, 18(2)5, 18(2)6
defined, 2(1)105, 12(1)1, 13(1)10, 13(3)20, 14(3)25, 15(2)6, 16(1)4, 16(2)5, 17(1)3
deployed, 10(3)11, 11(3)14, 14(3)23, 15(1)2, 15(2)6, 15(3)13, 15(4)16, 17(3)9, 18(1)1
determine, 1(1)3, 11(2)3, 11(2)6, 11(3)16, 12(4)20, 13(4)38, 13(4)40, 14(1)2, 14(4)32, 16(2)5, 17(1)1, 17(2)8
developed, 10(1)4, 10(2)7, 11(3)14, 12(1)4, 13(3)28, 14(1)6, 14(1)13, 15(3)13, 16(4)17, 17(1)3, 18(1)1, 18(2)8
evaluate, 2(2)138, 2(4)354, 10(4)3, 11(2)3, 11(3)12, 11(3)14, 13(4)30, 13(4)35, 14(1)3, 15(3)13, 15(4)17, 16(1)2, 16(2)6, 17(1)1, 17(2)8, 17(4)14, 18(4)14
evaluated, 10(4)3, 11(4)17, 15(4)17, 16(4)16, 16(4)17
express, 2(1)65, 13(3)20
flow, 1(1)26, 1(1)93, 10(2)7, 12(1)5, 12(2)11, 14(3)24, 15(1)2, 16(1)1, 16(2)6, 18(2)8
furthermore, 2(3)295, 2(4)390, 10(4)2, 12(1)6, 12(4)20, 13(1)10, 13(3)28, 13(4)32, 13(4)40, 14(1)4, 15(2)6, 16(1)3, 17(2)7, 17(4)16
given, 1(1)3, 1(1)93, 2(1)3, 2(1)105, 10(1)2, 10(2)5, 10(4)1, 11(2)3, 11(4)19, 11(4)20, 12(1)2, 12(1)5, 12(1)6, 12(3)14, 12(4)20, 13(1)10, 14(3)26, 15(2)10, 15(3)12, 15(4)15, 16(1)3, 16(1)4, 17(3)12
granularity, 5(4)398, 10(1)2, 18(4)12
has, 1(1)93, 2(1)105, 2(2)138, 2(3)230, 2(3)269, 2(3)332, 9(4)391, 10(1)3, 10(1)4, 10(3)10, 11(1)2, 11(2)2, 11(3)14, 11(4)17, 11(4)19, 11(4)22, 11(4)23, 12(1)2, 12(2)9, 12(2)10, 12(3)15, 12(4)22, 13(3)20, 13(3)25, 13(3)27, 13(3)28, 13(4)36, 14(1)3, 14(1)12, 14(1)14, 14(3)26, 14(4)28, 15(1)2, 15(2)6, 15(2)10, 15(3)12, 16(2)8, 16(4)14, 17(1)2, 17(1)3, 17(3)9, 17(3)11, 17(4)14, 17(4)15, 17(4)16, 18(2)7, 18(3)11, 18(4)14
have, 1(1)66, 1(1)93, 2(1)65, 2(2)138, 2(3)230, 2(3)269, 10(1)2, 10(1)4, 10(2)5, 10(3)10, 10(3)12, 10(4)4, 10(4)5, 10(4)6, 11(1)2, 11(2)1, 11(2)5, 11(3)15, 11(3)16, 11(4)17, 11(4)18, 11(4)21, 12(1)1, 12(1)2, 12(2)10, 12(2)13, 12(3)15, 12(3)16, 12(3)17, 12(4)20, 13(3)20, 13(3)27, 13(3)28, 13(4)32, 13(4)36, 13(4)39, 13(4)40, 14(1)6, 14(1)7, 14(1)10, 14(1)13, 14(1)14, 14(3)27, 14(4)28, 14(4)29, 15(2)7, 15(2)9, 15(2)10, 15(3)12, 15(4)18, 16(2)7, 16(2)8, 16(3)10, 16(4)15, 16(4)16, 17(1)3, 17(3)11, 17(3)12, 17(4)13, 17(4)15, 18(1)1, 18(1)3, 18(2)5, 18(2)7, 18(4)13
Hicks, Boniface, 11(3)16
implementation, 1(1)3, 1(1)26, 1(1)66, 2(1)34, 2(2)177, 2(4)390, 2(4)416, 7(2)319, 11(1)2, 11(1)3, 11(1)4, 11(3)16, 11(4)18, 11(4)22, 12(1)1, 12(2)10, 12(2)11, 12(3)14, 12(4)22, 13(1)4, 13(3)27, 14(1)3, 15(1)3, 15(2)8, 15(3)13, 15(4)16, 16(1)1, 16(1)2, 16(3)9, 16(3)10, 16(3)11, 16(4)13, 17(2)5, 17(2)8, 18(1)2, 18(1)3, 18(1)4
implemented, 2(3)269, 10(1)4, 11(2)5, 12(1)1, 14(1)8, 14(3)27, 15(4)16, 15(4)18, 17(2)5, 17(3)10, 17(3)11, 17(4)13, 18(2)6
important, 1(1)3, 1(1)66, 2(3)295, 10(2)8, 11(3)14, 11(4)18, 11(4)20, 12(1)4, 13(3)27, 13(4)36, 14(4)28, 15(3)12, 15(4)18, 16(1)4, 17(3)11
impractical, 14(4)29, 17(1)2
issue, 1(1)66, 2(1)65, 2(4)354, 8(4)349, 10(1)1, 10(3)12, 11(1)2, 12(1)5, 12(2)7, 12(3)15, 12(4)22, 13(1)1, 13(2)11, 13(3)22, 13(4)32, 15(1)1, 15(2)7, 16(2)7, 16(3)12, 17(1)1, 17(1)2
Jaeger, Trent, 2(2)177, 4(2)158, 6(3)327, 7(2)175
language, 2(1)65, 9(4)391, 9(4)421, 10(1)3, 10(2)8, 11(1)2, 11(1)4, 11(4)21, 12(1)1, 12(2)12, 13(3)20, 13(3)24, 13(3)28, 14(1)9, 15(1)2, 15(2)8, 16(1)3, 16(3)9, 16(4)17, 17(1)2, 17(1)3
logical, 6(1)71, 10(1)2, 10(1)4, 11(4)18, 15(2)7, 16(4)17
MAC, 11(4)19, 14(3)24, 18(2)6
make, 2(3)332, 9(1)31, 10(1)2, 10(3)11, 10(4)6, 11(1)4, 11(3)13, 11(3)14, 11(4)22, 11(4)23, 12(1)1, 12(3)15, 13(3)22, 13(3)28, 13(4)35, 14(4)29, 15(1)3, 15(1)4, 15(4)17, 16(3)10, 17(3)10, 18(1)1, 18(2)7, 18(4)13
mandatory, 3(2)85, 14(3)24, 18(2)6
manually, 12(2)10
McDaniel, Patrick, 9(3)259, 11(3)16
meet, 2(2)138, 17(3)10
modeled, 12(3)18, 15(3)13, 18(2)7
multilevel, 1(1)93, 4(4)321
namely, 12(2)13, 13(1)10, 17(3)12, 18(1)4, 18(2)5
one, 1(1)26, 1(1)93, 2(1)3, 2(1)65, 2(3)295, 9(4)461, 10(1)2, 10(2)5, 10(2)8, 10(3)12, 10(4)3, 11(2)6, 11(3)14, 12(1)1, 12(1)5, 12(2)13, 12(3)14, 13(3)21, 13(3)25, 13(3)27, 13(4)41, 14(1)3, 14(1)5, 14(4)30, 14(4)32, 15(2)10, 15(3)11, 15(4)16, 15(4)18, 16(1)3, 16(1)4, 16(3)9, 16(4)14, 17(2)8, 17(4)13, 18(1)1, 18(3)11, 18(4)13
problem, 1(1)3, 2(3)269, 2(3)295, 5(3)238, 9(2)162, 9(4)391, 10(2)5, 10(2)8, 10(3)9, 10(3)10, 10(3)12, 10(4)1, 10(4)3, 11(2)2, 11(3)12, 11(3)15, 11(4)19, 12(1)2, 12(1)6, 12(2)9, 12(3)18, 12(4)20, 13(3)22, 13(3)27, 13(4)33, 13(4)36, 13(4)40, 14(3)25, 14(4)31, 15(4)15, 15(4)18, 16(1)3, 16(1)4, 16(3)11, 16(4)15, 17(2)8, 17(3)11, 17(4)15, 18(1)3
property, 1(1)66, 1(1)93, 2(1)34, 2(2)177, 9(4)391, 10(1)2, 10(2)7, 10(2)8, 10(3)9, 11(1)2, 11(3)12, 11(3)13, 12(1)2, 12(1)3, 12(2)8, 12(2)9, 12(3)14, 12(3)18, 12(3)19, 12(4)21, 13(4)41, 14(2)16, 15(1)4, 15(2)9, 15(2)10, 15(3)14, 15(4)18, 16(1)3, 16(2)5, 17(1)3, 17(1)4, 18(1)3, 18(2)6, 18(2)8, 18(4)12
recently, 2(4)416, 9(2)181, 13(3)28, 13(4)37, 14(3)27, 15(1)2, 15(2)7, 16(3)10, 16(4)14, 16(4)17, 17(4)14, 17(4)16, 18(1)1
reference, 2(1)3, 2(1)34, 9(2)181, 16(1)4, 18(1)4
right, 2(2)177, 11(4)21
satisfy, 1(1)93, 10(2)5, 11(1)2, 12(3)18, 12(4)20, 15(3)13, 16(1)4, 18(2)6
SELinux, 14(2)19
simple, 2(3)230, 5(3)203, 9(2)181, 10(1)4, 10(3)11, 12(2)9, 12(2)13, 12(3)18, 12(4)21, 12(4)22, 13(4)33, 14(3)27, 15(2)9, 15(4)17, 17(1)2, 18(1)1
specific, 1(1)26, 10(2)6, 10(4)3, 10(4)4, 11(4)19, 12(1)6, 14(1)5, 14(1)9, 15(2)6, 16(3)10, 18(1)2
specification, 1(1)26, 2(1)65, 2(2)177, 3(4)207, 6(4)501, 8(2)187, 8(4)351, 10(2)7, 10(2)8, 10(3)9, 10(4)2, 11(1)4, 11(4)19, 13(3)24, 14(3)24, 15(3)13, 15(4)16, 16(1)3, 16(1)4, 16(4)13, 17(2)5, 17(4)16, 18(2)7, 18(2)8
subject, 1(1)26, 9(2)162, 9(4)421, 11(1)3, 11(1)4, 11(3)12, 14(1)7, 15(3)12, 17(1)2, 17(4)14, 18(2)5
testing, 3(4)262, 12(1)4, 12(3)14, 15(1)3, 16(2)8, 17(2)5
tool, 1(1)66, 2(3)332, 2(4)390, 7(2)274, 9(2)181, 10(4)2, 12(2)10, 13(3)24, 13(4)30, 13(4)40, 14(1)6, 15(1)3, 15(4)18, 16(1)4, 16(2)7, 17(2)7, 18(1)1, 18(1)4
using, 2(2)138, 2(2)177, 2(3)332, 4(3)289, 6(2)258, 6(3)327, 9(2)113, 9(2)162, 9(2)181, 9(3)292, 9(3)325, 9(4)461, 10(1)4, 10(2)8, 10(3)11, 10(4)3, 10(4)6, 11(1)2, 11(2)1, 11(2)2, 11(2)3, 11(3)14, 11(4)19, 11(4)21, 12(2)10, 12(2)11, 13(1)2, 13(1)8, 13(3)20, 13(4)31, 13(4)35, 13(4)39, 14(1)3, 14(1)12, 14(1)14, 14(3)27, 15(1)2, 15(3)11, 15(3)12, 15(4)15, 15(4)17, 16(1)1, 16(1)2, 16(1)4, 16(2)5, 16(2)6, 16(3)10, 16(4)17, 17(1)1, 17(2)5, 17(3)10, 17(3)11, 17(4)13, 17(4)14, 17(4)16, 18(2)7, 18(2)8, 18(3)10, 18(3)11, 18(4)14
verified, 2(3)332, 9(2)138, 15(1)3, 15(3)11, 16(4)17, 18(2)7
well, 1(1)93, 10(1)2, 10(2)8, 10(3)11, 10(3)12, 11(1)3, 11(1)4, 11(2)5, 11(3)15, 12(1)1, 12(1)3, 12(1)5, 12(2)10, 13(1)10, 14(1)3, 14(1)5, 14(1)14, 14(3)23, 15(3)12, 15(4)15, 15(4)16, 15(4)18, 16(2)8, 17(3)9, 17(3)10, 17(3)11, 18(1)3, 18(2)5
whether, 1(1)3, 1(1)26, 10(2)5, 10(4)2, 10(4)5, 11(2)3, 11(2)6, 11(3)16, 12(1)1, 12(4)20, 13(4)40, 14(3)25, 14(4)32, 16(1)3, 16(1)4, 17(1)1, 17(1)2
would, 2(2)159, 10(4)1, 12(2)13, 12(4)22, 15(2)6, 15(2)10, 16(2)8, 17(3)11, 18(3)9