Model Checking Distributed Mandatory Access Control Policies
العنوان: | Model Checking Distributed Mandatory Access Control Policies |
---|---|
المؤلفون: | George Coker, Peter Loscocco, Lee Pike, Perry Alexander |
المصدر: | ACM Transactions on Information and System Security. 18:1-25 |
بيانات النشر: | Association for Computing Machinery (ACM), 2015. |
سنة النشر: | 2015 |
مصطلحات موضوعية: | Model checking, General Computer Science, business.industry, Computer science, Distributed computing, Access control, Hypervisor, computer.software_genre, Virtualization, Mandatory access control, Stateful firewall, Virtual machine, Role-based access control, Safety, Risk, Reliability and Quality, business, computer |
الوصف: | This work examines the use of model checking techniques to verify system-level security properties of a collection of interacting virtual machines. Specifically, we examine how local access control policies implemented in individual virtual machines and a hypervisor can be shown to satisfy global access control constraints. The SAL model checker is used to model and verify a collection of stateful domains with protected resources and local MAC policies attempting to access needed resources from other domains. The model is described along with verification conditions. The need to control state-space explosion is motivated and techniques for writing theorems and limiting domains explored. Finally, analysis results are examined along with analysis complexity. |
تدمد: | 1557-7406 1094-9224 |
URL الوصول: | https://explore.openaire.eu/search/publication?articleId=doi_________::7c6eb24a7738a820407e343c03cd3a83 https://doi.org/10.1145/2785966 |
حقوق: | CLOSED |
رقم الأكسشن: | edsair.doi...........7c6eb24a7738a820407e343c03cd3a83 |
قاعدة البيانات: | OpenAIRE |
تدمد: | 15577406 10949224 |
---|