Visualization-based policy analysis for SELinux: Framework and user study

Wenjuan Xu, Mohamed Shehab, Gail-Joon Ahn

Research output: Contribution to journalArticlepeer-review

9 Scopus citations


In this paper, we propose a visualization-based policy analysis framework that enables system administrators to query and visualize security policies and to easily identify the policy violations, especially focused on SELinux. Furthermore, we propose a visual query language for expressing policy queries in a visual form. Our framework provides an intuitive cognitive sense about the policy, policy queries and policy violations. We also describe our implementation of a visualization-based policy analysis tool that supports the functionalities discussed in our framework. In addition, we discuss our study on usability of our tool with evaluation criteria and experimental results.

Original languageEnglish (US)
Pages (from-to)155-171
Number of pages17
JournalInternational Journal of Information Security
Issue number3
StatePublished - Jun 2013


  • Policy analysis
  • SELinux
  • Visualization-based

ASJC Scopus subject areas

  • Software
  • Information Systems
  • Safety, Risk, Reliability and Quality
  • Computer Networks and Communications


Dive into the research topics of 'Visualization-based policy analysis for SELinux: Framework and user study'. Together they form a unique fingerprint.

Cite this