Specifying and Verifying Information Flow Control in SELinux Configurations-Reference-Cited by-同舟云学术

Specifying and Verifying Information Flow Control in SELinux Configurations

Published:2024-08-29 Issue: Volume: Page:
ISSN:2471-2566
Container-title:ACM Transactions on Privacy and Security
language:en
Short-container-title:ACM Trans. Priv. Secur.

Author:

Ceragioli Lorenzo¹^ORCID,Galletta Letterio²^ORCID,Degano Pierpaolo³²^ORCID,Basin David⁴^ORCID

Affiliation:

1. IMT School for Advanced Studies Lucca, Lucca, Italy

2. IMT School for Advanced Studies Lucca, Lucca Italy

3. Università di Pisa, Pisa Italy

4. ETH Zurich, Zurich Switzerland

Abstract

Security Enhanced Linux (SELinux) is a security architecture for Linux implementing Mandatory Access Control. It has been used in numerous security-critical contexts ranging from servers to mobile devices. However, its application is challenging as SELinux security policies are difficult to write, understand, and maintain. Recently, the intermediate language CIL was introduced to foster the development of high-level policy languages and to write structured configurations. Despite CIL’s high level features, CIL configurations are hard to understand as different constructs interact in non-trivial ways. Moreover, there is no mechanism to ensure that a given configuration obeys desired information flow policies. To remedy this, we enrich CIL with a formal semantics, and we propose IFCIL, a backward compatible extension of CIL for specifying fine-grained information flow requirements. Using IFCIL, administrators can express confidentiality, integrity, and non-interference properties. We also provide a tool to statically verify these requirements and we experimentally assess it on ten real-world policies.

Publisher

Association for Computing Machinery (ACM)

Link

https://dl.acm.org/doi/pdf/10.1145/3690636

Reference51 articles.

1. Niklas Broberg and David Sands. 2010. Paralocks: role-based information flow control and beyond. In Proceedings of the 37th POPL, Manuel V. Hermenegildo and Jens Palsberg (Eds.). ACM, 431–444.

2. Paragon - Practical programming with information flow control;Broberg Niklas;J. Comput. Secur.,2017

3. Michele Bugliesi, Stefano Calzavara, Riccardo Focardi, and Marco Squarcina. 2012. Gran: Model Checking Grsecurity RBAC Policies. In 25th IEEE Computer Security Foundations Symposium,, Stephen Chong (Ed.). IEEE Computer Society, 126–138.

4. Daniel Burgener. 2024. Cascade: A high level language for SELinux policy.

5. Stefano Calzavara, Alvise Rabitti, and Michele Bugliesi. 2015. Compositional Typed Analysis of ARBAC Policies. In IEEE 28th Computer Security Foundations Symposium, Cédric Fournet, Michael W. Hicks, and Luca Viganò (Eds.). 33–45.