Dec. 12, 2009 to Dec. 14, 2009
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/DASC.2009.129
Recently, dynamic access control models are proposed to restrict access domain appropriately in Multi-Layered Defense. However, policy description languages proposed so far can not express the models effectively in proper granularity. In this paper, we propose a policy description language which can designate precise condition for access control by using dynamic status of application process. Using the proposed language, we compose the policy of SELinux which is major implementation achieving Multi-Layered Defense and confirm the advantages of the proposed language by evaluating the response and the expressiveness.
Access control, Computer security
Masaki Hashimoto, Mira Kim, Hidenori Tsuji, Hidehiko Tanaka, "Policy Description Language for Dynamic Access Control Models", DASC, 2009, Dependable, Autonomic and Secure Computing, IEEE International Symposium on, Dependable, Autonomic and Secure Computing, IEEE International Symposium on 2009, pp. 37-42, doi:10.1109/DASC.2009.129