Beyond SELinux: the Case for Behavior-Based Policy and Trust Languages

Authors

Sergey Bratus, Dartmouth CollegeFollow
Michael E. Locasto, University of Calgary
Boris Otto, Dartmouth College
Rebecca Shapiro, Dartmouth College
Sean W. Smith, Dartmouth College
Gabriel Weaver, Dartmouth College

Document Type

Technical Report

Publication Date

8-2011

Technical Report Number

TR2011-701

Abstract

Despite the availability of powerful mechanisms for security policy and access control, real-world information security practitioners---both developers and security officers---still find themselves in need of something more. We believe that this is the case because available policy languages do not provide clear and intelligible ways to allow developers to communicate their knowledge and expectations of trustworthy behaviors and actual application requirements to IT administrators. We work to address this policy engineering gap by shifting the focus of policy language design to this communication via behavior-based policies and their motivating scenarios.

Dartmouth Digital Commons Citation

Bratus, Sergey; Locasto, Michael E.; Otto, Boris; Shapiro, Rebecca; Smith, Sean W.; and Weaver, Gabriel, "Beyond SELinux: the Case for Behavior-Based Policy and Trust Languages" (2011). Computer Science Technical Report TR2011-701. https://digitalcommons.dartmouth.edu/cs_tr/333