Jun 12, 2017

Towards a Uniform Framework for Dynamic Analysis of Access Control Models

arXiv:1706.03536v11 citations
Originality: Synthesis-oriented
AI Analysis

This work addresses the challenge of efficiently verifying security policies in access control systems for security-critical applications, though it appears incremental as it builds on existing safety analysis methods.

The paper tackles the problem of needing to redesign formal analysis methods for each specific security policy by proposing a uniform framework that can be tailored to different application domains, demonstrated with SELinux policies to heuristically analyze safety properties.

Security-critical system requirements are increasingly enforced through mandatory access control systems. These systems are controlled by security policies, highly sensitive system components, which emphasizes the paramount importance of formally verified security properties regarding policy correctness. For the class of safety properties, addressing potential dynamic right proliferation, a number of known and tested formal analysis methods and tools already exist. Unfortunately, these methods need to be redesigned from scratch for each particular policy from a broad range of different application domains. In this paper, we seek to mitigate this problem by proposing a uniform formal framework, tailorable to a safety analysis algorithm for a specific application domain. We present a practical workflow, guided by model-based knowledge, that is capable of producing a meaningful formal safety definition along with an algorithm to heuristically analyze that safety. Our method is demonstrated based on security policies for the SELinux operating system.

Keywords: Security engineering, security policies, access control systems, access control models, safety, heuristic analysis, SELinux.
