Model Checking Distributed Mandatory Access Control Policies

Abstract

This work examines the use of model checking techniques to verify system-level security properties of a collection of interacting virtual machines. Specifically, we examine how local access control policies implemented in individual virtual machines and a hypervisor can be shown to satisfy global access control constraints. The SAL model checker is used to model and verify a collection of stateful domains with protected resources and local MAC policies attempting to access needed resources from other domains. The model is described along with verification conditions. The need to control state-space explosion is motivated and techniques for writing theorems and limiting domains explored. Finally, analysis results are examined along with analysis complexity.

Document Details

Document Type
Pub Defense Publication
Publication Date
Jul 15, 2015
Source ID
10.1145/2785966

Entities

People

  • George Coker
  • Lee Pike
  • Perry Alexander
  • Peter Loscocco

Organizations

  • Galois, Inc.
  • National Security Agency
  • United States Department of Defense
  • University of Kansas

Tags

Fields of Study

  • Computer science

Readers

  • Computer Networking
  • Mathematical Modeling and Probability Theory.
  • Parallel and Distributed Computing.

Technology Areas

  • Space