CERIAS Security: Information Flow Analysis in Security Enhanced Linux

Most people now realize that computer security is hard. However, many people do not realize that creating a correct security policy is hard. Creating an accurate security policy is on the order of complexity of developing software in general. In particular how can you show the policy is correct?

The focus of this seminar is to look at tools and techniques for showing that the mandatory security policy based on type enforcement meets its objectives. The approach breaks down the security policy objectives so that they can be studied in terms of information flows. The policies are specified for the Security Enhanced Linux type enforcement mechanism. Type enforcement and mandatory access control will also be discussed. 

 Speaker: Dan Thomsen · Senior Research Scientist · Tresys Technology 







Published by:

Reza Rafati's picture

Reza Rafati

Hi, I'm the founder of Cyberwarzone and i'm here to collect and share a lot of information. So stay tuned!

The Netherlands

My website