Towards a Uniform Framework for Dynamic Analysis of Access Control Models

Security-critical system requirements are increasingly enforced through mandatory access control systems. These systems are controlled by security policies, highly sensitive system components, which emphasizes the paramount importance of formally verified security properties regarding policy correctness. For the class of safety-properties, addressing potential dynamic right proliferation, a number of known and tested formal analysis methods and tools already exist. Unfortunately, these methods need to be redesigned from scratch for each particular policy from a broad range of different application domains. In this paper, we seek to mitigate this problem by proposing a uniform formal framework, tailorable to a safety analysis algorithm for a specific application domain. We present a practical workflow, guided by model-based knowledge, that is capable of producing a meaningful formal safety definition along with an algorithm to heuristically analyze that safety. Our method is demonstrated based on security policies for the SELinux operating system. Keywords: Security engineering, security policies, access control systems, access control models, safety, heuristic analysis, SELinux.