Model-based safety analysis of SELinux security policies

Amthor, Peter; Kühnhauser, Winfried E.; Pölck, Anja

doi:10.1109/icnss.2011.6060002

Cited by 14 publications

(10 citation statements)

References 22 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…As anticipated, most of the studies (51 out of 143) were focusing on the level of requirements. Fifteen studies 23–37 out of those 51 were focusing exclusively on requirements modeling of such systems. Thirty‐one studies 38–68 were focusing on both requirements modeling and analysis.…”

Section: Mapping Study Resultsmentioning

confidence: 99%

“…The proposed languages were either formal languages, 15,21,38,96,115 graphical modeling languages, 17,31,39,70 programming languages, 125 architecture description language, 106 or a language for presenting mishaps. 156 Some researchers also presented some decision support systems, 76,77,108,122,123 patterns, 50,85,100,105,119 and policies 29,54,80 for the MDE of safe and secure software systems.…”

Section: Contribution Classification (Rq3)mentioning

confidence: 99%

See 1 more Smart Citation

Model‐driven engineering of safety and security software systems: A systematic mapping study and future research directions

Mashkoor

Egyed

Wille

et al. 2022

J Software Evolu Process

View full text Add to dashboard Cite

This article presents a systematic mapping study on the model-driven engineering of safety and security concerns in software systems. Combined modeling and development of both safety and security concerns is an emerging field of research as both concerns affect one another in unique ways. Our mapping study provides an overview of the current state of the art in this field. This study carefully selected 143 publications out of 27,259 relevant papers through a rigorous and systematic process. This study then proposes and answers questions such as frequently used methods and tools and development stages where these concerns are typically investigated in application domains. Additionally, we identify the community's preference for publication venues and trends. The discussion on obtained results also features the gained insights and future research directions.

show abstract

Section: Mapping Study Resultsmentioning

confidence: 99%

Section: Contribution Classification (Rq3)mentioning

confidence: 99%

Model‐driven engineering of safety and security software systems: A systematic mapping study and future research directions

Mashkoor

Egyed

Wille

et al. 2022

J Software Evolu Process

View full text Add to dashboard Cite

show abstract

“…В статье [27] этот язык использован для построения алгоритмов и инструментов анализа политик. В работе [28] механизм SELinux вкладывается в известную модель безопасности Харрисона-Руззо-Ульмана (M.A. Harrison, W.L.…”

Section: обзор Selinuxunclassified

Integrating RBAC, MIC, and MLS in Verified Hierarchical Security Model for Operating System

Devyanin

2020

Proceedings of ISP RAS

View full text Add to dashboard Cite

“…Guttman et al (Guttman et al, 2005) applies information flow analysis to SELinux policies. The HRU security model (Harrison et al, 1976) has been used to analyze SELinux policies (Amthor et al, 2011). Hurd et al (Hurd et al, 2009) applied Domain Specific Languages (DSL) (Fowler, 2010) in order to develop and verify the SELinux policy.…”

Section: Selinux Toolsmentioning

confidence: 99%

SELint: An SEAndroid Policy Analysis Tool

Reshetova

Bonazzi²,

Asokan³

2017

Proceedings of the 3rd International Conference on Information Systems Security and Privacy

View full text Add to dashboard Cite

SEAndroid enforcement is now mandatory for Android devices. In order to provide the desired level of security for their products, Android OEMs need to be able to minimize their mistakes in writing SEAndroid policies. However, existing SEAndroid and SELinux tools are not very useful for this purpose. It has been shown that SEAndroid policies found in commercially available devices by multiple manufacturers contain mistakes and redundancies. In this paper we present a new tool, SELint, which aims to help OEMs to produce better SEAndroid policies. SELint is extensible and configurable to suit the needs of different OEMs. It is provided with a default configuration based on the AOSP SEAndroid policy, but can be customized by OEMs.

show abstract

Model-based safety analysis of SELinux security policies

Cited by 14 publications

References 22 publications

Model‐driven engineering of safety and security software systems: A systematic mapping study and future research directions

Model‐driven engineering of safety and security software systems: A systematic mapping study and future research directions

Integrating RBAC, MIC, and MLS in Verified Hierarchical Security Model for Operating System

SELint: An SEAndroid Policy Analysis Tool

Contact Info

Product

Resources

About