Policy Analysis Tools for XSM/Flask

Abstract

The objective of this project is to develop systems policy management infrastructure for Xen virtual machine systems that leverage the Xen Security Modules (XSM) framework and the policy enforcement of SELinux. The reference monitor concept requires a tamperproof trusted computing base that mediates all security-sensitive operations to enforce the system's security goals. A Xen system's trusted computing base consists of the Xen hypervisor and privileged VMs running SELinux. The XSM framework and SELinux ensure mediation of all security-sensitive operations, but the design of policies to ensure a tamperproof trusted computing base that enforces system's security goals are yet to be realized. A systems policy infrastructure is necessary to assist in XSM and SELinux policy design, analyze a combination of access control policies, and debug across the sets of policies.

Related Publications