Security policy for SELinux is usually created by customizing a sample policy called refpolicy. However, describing and verifying security policy configurations is difficult because in refpolicy, there are more than 100,000 lines of configurations, thousands of elements such as permissions, macros and labels. The memory footprint of refpolicy which is around 5MB, is also a problem for resource constrained devices. We propose a security policy configuration system SEEdit which facilitates creating security policy by a higher level language called SPDL and SPDL tools. SPDL reduces the number of permissions by integrated permissions and removes label configurations. SPDL tools generate security policy configurations from access logs and tool u...
The goal of this bachelor’s thesis is to create a security policy module for an application from KDE...
Security Enhanced Linux (SELinux) [18] has evolved rapidly over the last few years, with many enhanc...
The protection mechanisms of current mainstream operating systems are inadequate to support confiden...
Security policy for SELinux is usually created by customizing a sample policy called refpolicy. Howe...
Most of the statements in the current SELinux policy language operate directly on features of the un...
SELinux security policies are powerful tools to implement properties such as process confinement and...
The goal of this thesis is to describe principles of SELinux technology. Thesis examines and comment...
This thesis deals with technologies of SELinux security policy writing. Furthermore the thesis analy...
Expressing security architectures that meet required security goals for a system in SELinux policy l...
Whether a particular computing installation meets its security goals depends on whether the administ...
This paper presents a formal model, called SELAC, for analyzing an arbitrary security policy configu...
Cílem této práce je vytvoření SELinux bezpečnostní politiky pro vybranou aplikaci. Pro dosažení toho...
The root privilege escalation attack is extremely destructive to the security of the Android system....
This paper discusses Security Enhanced Linux [1] (SELinux). First, I will outline some general aspec...
Cílem této práce je vytvoření bezpečnostní politiky v SELinuxu pro aplikaci Shotwell, v systému Fedo...
The goal of this bachelor’s thesis is to create a security policy module for an application from KDE...
Security Enhanced Linux (SELinux) [18] has evolved rapidly over the last few years, with many enhanc...
The protection mechanisms of current mainstream operating systems are inadequate to support confiden...
Security policy for SELinux is usually created by customizing a sample policy called refpolicy. Howe...
Most of the statements in the current SELinux policy language operate directly on features of the un...
SELinux security policies are powerful tools to implement properties such as process confinement and...
The goal of this thesis is to describe principles of SELinux technology. Thesis examines and comment...
This thesis deals with technologies of SELinux security policy writing. Furthermore the thesis analy...
Expressing security architectures that meet required security goals for a system in SELinux policy l...
Whether a particular computing installation meets its security goals depends on whether the administ...
This paper presents a formal model, called SELAC, for analyzing an arbitrary security policy configu...
Cílem této práce je vytvoření SELinux bezpečnostní politiky pro vybranou aplikaci. Pro dosažení toho...
The root privilege escalation attack is extremely destructive to the security of the Android system....
This paper discusses Security Enhanced Linux [1] (SELinux). First, I will outline some general aspec...
Cílem této práce je vytvoření bezpečnostní politiky v SELinuxu pro aplikaci Shotwell, v systému Fedo...
The goal of this bachelor’s thesis is to create a security policy module for an application from KDE...
Security Enhanced Linux (SELinux) [18] has evolved rapidly over the last few years, with many enhanc...
The protection mechanisms of current mainstream operating systems are inadequate to support confiden...