Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
IEEEARES
2007
IEEE
2007
IEEE
Pastures: Towards Usable Security Policy Engineering
Whether a particular computing installation meets its security goals depends on whether the administrators can create a policy that expresses these goals—security in practice requires effective policy engineering. We have found that the reigning SELinux model fares poorly in this regard, partly because typical isolation goals are not directly stated but instead are properties derivable from the type definitions by complicated analysis tools. Instead, we are experimenting with a security-policy approach based on copy-on-write “pastures”, in which the sharing of resources between pastures is the fundamental security policy primitive. We argue that it has a number of properties that are better from the usability point of view. We implemented this approach as a patch for the 2.6 Linux kernel.
Real-time TrafficEffective Policy Engineering | IEEEARES 2007 | Security Privacy | SELinux Model Fares | Typical Isolation Goals |
Related Content
| Added | 03 Jun 2010 |
| Updated | 03 Jun 2010 |
| Type | Conference |
| Year | 2007 |
| Where | IEEEARES |
| Authors | Sergey Bratus, Alex Ferguson, Doug McIlroy, Sean W. Smith |
Comments (0)
Researcher Info
|
