Security Goals Assurance Based on Software Active Monitoring

Changzhi Zhao, Wei Dong, Martin Leucker, Zhichang Qi

Abstract

Access control is a vital security mechanism in today's operating systems and the security policies dictating the security relevant behaviors is lengthy and complex for example in Security-Enhanced Linux (SELinux). It is extremely difficult to verify the consistency between the security policies and the security goals desired by applications. In this paper we present how to predict whether the information flow security goal is violated or not during runtime how to generate the corresponding control actions on-line when divergence is detected and how to apply these actions in time based on software active monitoring technique. The symbolic security information flow model of SElinux is generated from a formalization of the access control mechanism which can be used to generate the N-step ahead projection of the future behavior. Information flow security goals are expressed in linear temporal logic (LTL) which provides clear description of the objectives desired by applications. Anticipatory monitor is generated from LTL formula automatically. We consider an on-line scheme where after the occurrence of an event, the next control action is determined on the basis of the N-step ahead projection of the future behavior. This procedure is repeated after the occurrence of next security relevant event. Thus a closed-loop system is generated that all behavior sequences will satisfy the security goals.

Original languageEnglish
Title of host publication2011 Fifth International Conference on Secure Software Integration and Reliability Improvement
Number of pages10
PublisherIEEE
Publication date23.09.2011
Pages70-79
Article number5992005
ISBN (Print)978-1-4577-0780-3
ISBN (Electronic)978-0-7695-4453-3
DOIs
Publication statusPublished - 23.09.2011
Event2011 5th International Conference on Secure Software Integration and Reliability Improvement - Jeju Island, Korea, Republic of
Duration: 27.06.201129.06.2011
Conference number: 86506

Fingerprint

Dive into the research topics of 'Security Goals Assurance Based on Software Active Monitoring'. Together they form a unique fingerprint.

Cite this