TY - GEN
T1 - Towards the specification of access control policies on multiple operating systems
AU - Teo, Lawrence
AU - Ahn, Gail Joon
PY - 2004/12/1
Y1 - 2004/12/1
N2 - In the past, operating systems tended to lack well-defined access control policy specification languages and syntax. For example, a UNIX operating system that is based on the Discretionary Access Control (DAC) paradigm has decentralized security policies based on technology that has been developed over the years. With such policies, it is difficult to identify the permissions given to each user, and who has what access to which resources. With the advent of recent security-enhanced operating systems such as SELinux, this is no longer the case; the access control policy for almost all resources is now stored centrally and applied universally throughout the system. This is certainly more manageable but is not without costs. Firstly, such policies tend to be complex. Secondly, as more of such systems are developed, each system would have its own policy specification syntax. A system administrator who intends to evaluate or migrate to a new system would have to learn the syntax of the new system. In this paper, we propose a solution to this problem by introducing the initial design of a new policy specification language that can be used to represent access control policies for multiple operating systems. To serve its purpose, this language must be flexible enough to cater to many operating systems, while being sufficiently extensible to support the specific features of each target operating system. We present the criteria, features, and approach that we are using to design the language. We also describe the role of two systems - SELinux and Systrace - in the design of our language. We also discuss our consideration of ASL as a potential candidate language, and why we chose to design our own language instead.
UR - http://www.scopus.com/inward/record.url?scp=15944391639&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=15944391639&partnerID=8YFLogxK
M3 - Conference contribution
AN - SCOPUS:15944391639
SN - 0780385721
SN - 9780780385726
T3 - Proceedings from the Fifth Annual IEEE System, Man and Cybernetics Information Assurance Workshop, SMC
SP - 210
EP - 217
BT - Proceedings from the Fifth Annual IEEE System, Man and Cybernetics Information Assurance Workshop, SMC
T2 - Proceedings from the Fifth Annual IEEE System, Man and Cybernetics Information Assurance Workshop, SMC
Y2 - 10 June 2004 through 11 June 2004
ER -