IFCIL: An Information Flow Configuration Language for SELinux

Security Enhanced Linux (SELinux) is a security architecture for Linux implementing mandatory access control. It has been used in numerous security-critical contexts ranging from servers to mobile devices. But this is challenging as SELinux security policies are difficult to write, understand, and m...

Full description

Saved in:
Bibliographic Details
Published in:2022 IEEE 35th Computer Security Foundations Symposium (CSF) pp. 243 - 259
Main Authors: Ceragioli, Lorenzo, Galletta, Letterio, Degano, Pierpaolo, Basin, David
Format: Conference Proceeding
Language:English
Published: IEEE 01.08.2022
Subjects:
Access control
Computer architecture
Computer security
Distance measurement
formal methods and verification
information flow control
language based security
Linux
Mobile handsets
SELinux
Servers
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Security Enhanced Linux (SELinux) is a security architecture for Linux implementing mandatory access control. It has been used in numerous security-critical contexts ranging from servers to mobile devices. But this is challenging as SELinux security policies are difficult to write, understand, and maintain. Recently, the intermediate language CIL was introduced to foster the development of high-level policy languages and to write structured configurations. However, CIL lacks mechanisms for ensuring that the resulting configurations obey desired information flow policies. To remedy this, we propose IFCIL, a backward compatible extension of CIL for specifying fine-grained information flow requirements for CIL configurations. Using IFCIL, administrators can express, e.g., confidentiality, integrity, and non-interference properties. We also provide a tool to statically verify these requirements.
DOI:10.1109/CSF54842.2022.9919690