Beyond SELinux: the Case for Behavior-Based Policy and Trust Languages

Bratus, Sergey; Locasto, Michael E.; Otto, Boris; Shapiro, Rebecca; Smith, Sean W.; Weaver, Gabriel

Beyond SELinux: the Case for Behavior-Based Policy and Trust Languages

Type

working paper

Date Issued

2011-08-01

Author(s)

Bratus, Sergey

Locasto, Michael E.

Otto, Boris

Shapiro, Rebecca

Smith, Sean W.

Weaver, Gabriel

Research Team

CDQ, IWI2

Abstract

Despite the availability of powerful mechanisms for security policy and access control, real-world information security practitioners-both developers and security officers-still find themselves in need of something more. We believe that this is the case because available policy languages do not provide clear and intelligible ways to allow developers to communicate their knowledge and expectations of trustworthy behaviors and actual application requirements to IT administrators. We work to address this policy engineering gap by shifting the focus of policy language design to this communication via behavior-based policies and their motivating scenarios.

Language

English

Keywords

Security Models

Sicherheit

Trust

HSG Classification

not classified

Refereed

No

Publisher

Dartmouth College

Publisher place

Hanover, NH

Number

TR2011-701

URL

https://www.alexandria.unisg.ch/handle/20.500.14171/93751

Subject(s)

information managemen...

Division(s)

IWI - Institute of In...

Eprints ID

183170

File(s)

open access

Name

TR2011-701.pdf

Size

173.63 KB

Format

Adobe PDF

Checksum (MD5)

8df3ca5a16d4ace72366a9ef4bfb6ac8

Options

Beyond SELinux: the Case for Behavior-Based Policy and Trust Languages