Granalyze: towards the automatic verification of Grsecurity RBAC policies

DSpace/Manakin Repository

Show simple item record

dc.contributor.advisor Focardi, Riccardo it_IT
dc.contributor.author Squarcina, Marco <1984> it_IT
dc.date.accessioned 2014-06-08 it_IT
dc.date.accessioned 2014-09-20T08:47:08Z
dc.date.available 2014-09-20T08:47:08Z
dc.date.issued 2014-06-26 it_IT
dc.identifier.uri http://hdl.handle.net/10579/4729
dc.description.abstract Role-based Access Control (RBAC) is one of the most widespread security mechanisms in use today. Given the growing complexity of policy specifications arising from system administrators' needs, formally verifying that access control systems enforce some defined security invariants is a problem of crucial importance. In a previous work which has been accepted for presentation at IEEE CSF 2012, we developed a framework for the formal verification of Grsecurity RBAC, an access control system developed on top of Unix/Linux systems. In this thesis we improve the framework by considering the interaction with the underlying operating system. This refinement allows for a reduction in the number of transitions within the labelled transition systems resulting from policies. Additionally, we deal with the problem of automatic verification of Grsecurity RBAC policies by defining a set of security invariants. Based on our abstract semantics, we implement Granalyze, a model checker that accounts for the verification of real policies. We report on the results of the experimental analysis conducted using the tool on existing public servers running Grsecurity RBAC. it_IT
dc.language.iso en it_IT
dc.publisher Università Ca' Foscari Venezia it_IT
dc.rights © Marco Squarcina, 2014 it_IT
dc.title Granalyze: towards the automatic verification of Grsecurity RBAC policies it_IT
dc.title.alternative Automatic Verification of Grsecurity RBAC Policies it_IT
dc.type Master's Degree Thesis it_IT
dc.degree.name Informatica - computer science it_IT
dc.degree.level Laurea magistrale it_IT
dc.degree.grantor Dipartimento di Scienze Ambientali, Informatica e Statistica it_IT
dc.description.academicyear 2013/2014, sessione estiva it_IT
dc.rights.accessrights openAccess it_IT
dc.thesis.matricno 814359 it_IT
dc.subject.miur INF/01 INFORMATICA it_IT
dc.description.note it_IT
dc.degree.discipline it_IT
dc.contributor.co-advisor it_IT
dc.date.embargoend it_IT
dc.provenance.upload Marco Squarcina (814359@stud.unive.it), 2014-06-08 it_IT
dc.provenance.plagiarycheck Riccardo Focardi (focardi@unive.it), 2014-06-24 it_IT


Files in this item

This item appears in the following Collection(s)

Show simple item record