Beyond SELinux: the Case for Behavior-Based Policy and Trust Languages
نویسندگان
چکیده
Despite the availability of powerful mechanisms for security policy and access control, real-world information security practitioners—both developers and security officers—still find themselves in need of something more. We believe that this is the case because available policy languages do not provide clear and intelligible ways to allow developers to communicate their knowledge and expectations of trustworthy behaviors and actual application requirements to IT administrators. We work to address this policy engineering gap by shifting the focus of policy language design to this communication via behavior-based policies and their motivating scenarios.
منابع مشابه
The Health Policy Process in Vietnam: Going Beyond Kingdon’s Multiple Streams Theory; Comment on “Shaping the Health Policy Agenda: The Case of Safe Motherhood Policy in Vietnam”
This commentary reflects upon the article along three broad lines. It reflects on the theoretical choices and omissions, particularly highlighting why it is important to adapt the multiple streams framework (MSF) when applying it in a socio-political context like Vietnam’s. The commentary also reflects upon the analytical threads tackled by Ha et al; for instance, it highlights the opportunitie...
متن کاملRelationship between People’s Trust in the Government and Their Compliance with Covid-19 Health Advice: A Case study of Tehran Residents
Introduction: Different people try to follow the health protocols and limit their daily behaviors in different ways to deal with Covid-19 Pandemic. In the meantime, trust is an important element as a facilitator of social cooperation and a creator of responsibility among people. The present study aimed to investigate the relationship between people’s trust in government and their compliance wit...
متن کاملIntegrating SELinux with Security-typed Languages
Recent advances in the area of security-typed languages have enabled the development of realistic applications aware of information flow security. Traditionally, operating systems have enforced MAC with minimal dependence on application programs. Although these approaches have common goals, they have progressed independently. However, there are many cases where systems depend on userlevel progr...
متن کاملRelationship between People’s Trust in the Government and Their Compliance with Covid-19 Health Advice: A Case study of Tehran Residents
Introduction: Different people try to follow the health protocols and limit their daily behaviors in different ways to deal with Covid-19 Pandemic. In the meantime, trust is an important element as a facilitator of social cooperation and a creator of responsibility among people. The present study aimed to investigate the relationship between people’s trust in government and their compliance wit...
متن کاملAnalyzing Integrity Protection in the SELinux Example Policy
In this paper, we present an approach for analyzing the integrity protection in the SELinux example policy. The SELinux example policy is intended as an example from which administrators customize to create a policy for their site’s security goals, but the complexity of the model and size of the policy make this quite complex. Our aim is to provide an access control model to express site securi...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2011