Abstract
In this paper, we propose a visualization-based policy analysis framework that enables system administrators to query and visualize security policies and to easily identify the policy violations, especially focused on SELinux. Furthermore, we propose a visual query language for expressing policy queries in a visual form. Our framework provides an intuitive cognitive sense about the policy, policy queries and policy violations. We also describe our implementation of a visualization-based policy analysis tool that supports the functionalities discussed in our framework. In addition, we discuss our study on usability of our tool with evaluation criteria and experimental results.
Similar content being viewed by others
Notes
M and SD denote mean and standard deviation, respectively.
References
Anderson, A.P.: Computer Security Technology Planning Study. Technical Report ESD-TR-73-51, II (1972)
Aris, A.: Network visualization by semantic substrates. IEEE Trans. Vis. Comput. Graph. 12(5), 733–740 (2006). Senior Member-Ben Shneiderman
Biba, K.J.: Integrity Consideration for Secure Compuer System. Technical report, Mitre Corp. Report TR-3153, Bedford, Mass (1977)
Denning, D.E.: A lattice model of secure information flow. Commun. ACM 19(5), 236–243 (1976)
Erbacher, R.: Intrusion behavior detection through visualization. In: IEEE International Conference on Systems, Man and Cybernetics, pp. 2507–2513 (Oct 2003)
Green, M.: Toward a perceptual science of multidimensional data visualization: Bertin and beyond. Available from http://www.ergogero.com/dataviz/dviz2.html, 1998
Guttman, J., Herzog, A., Ramsdell, J.: Information flow in operating systems: Eager formal methods. In: Workshop on Issues in the Theory of Security (WITS) (2003)
Herman, I., Melancon, G., Marshall, M.: Graph visualization and navigation in information visualization: A survey. IEEE Trans. Vis. Comput. Graph. 6(1), 24–43 (2000)
H.C. I. L. at University of Maryland. Piccolo. Available from http://www.cs.umd.edu/hcil/jazz/download/index.shtml
Itoh, T., Takakura, H., Sawada, A., Koyamada, K.: Hierarchical visualization of network intrusion detection data. IEEE Comput. Graph. Appl. 26(2), 40–47 (2006)
Jaeger, R.S.T., Zhang, X.: Resolving Constraint Conflicts. In: Sacmat ’04: Proceedings of the Ninth Acm Symposium on Access Control Models And Technologies, pp. 105–114 (2004)
Jaeger, X.Z.T., Edwards, A.: Policy management using access control spaces. ACM Trans. Inf. Syst. Secur. (TISSEC) 6, 327–364 (2003)
Jaeger, T., Sailer, R., Shankar, U.: Prima: policy-reduced integrity measurement architecture. In: SACMAT ’06: Proceedings of the Eleventh ACM Symposium on Access Control Models and Technologies, pp. 19–28. ACM, New York, NY, USA (2006)
Jaeger, T., Sailer, R., Zhang, X.: Analyzing integrity protection in the selinux example policy. In: SSYM’03: Proceedings of the 12th Conference on USENIX Security Symposium, pp. 59–74. USENIX Association, Berkeley, CA, USA (2003)
Keller, R., Eckert, C.M., Clarkson, P.J.: Matrices or node-link diagrams: which visual representation is better for visualising connectivity models? Inf. Vis. 5(1), 62–76 (2006)
Lee, C., Trost, J., Raheem, N.G.B., Copeland, J.: Visual firewall: Real-time network security monitor. In: IEEE Workshops Visualization for Computer, Security, pp. 129–136 (2005)
Lime Survey Tool http://www.limesurvey.org/
Loscocco, P., Smalley, S.: Integrating flexible support for security policies into the linux operating system. In: USENIX Annual Technical Conference, FREENIX Track, pp. 29–42 (2001)
Loscocco, P.A., Smalley, S.D.: Meeting critical security objectives with security-enhanced linux. In: Proceedings of the Ottawa Linux Symposium (2001)
Mathew, S., Giomundo, R., Upadhyaya, S., Sudit, M., Stotz, A.: Understanding multistage attacks by attack-track based visualization of heterogeneous event streams. In: VizSEC ’06: Proceedings of the 3rd International Workshop on Visualization for Computer Security, pp. 1–6. ACM, New York, NY, USA (2006)
Nidhi, S.: Fireviz: A personal firewall visualizing tool. In: Thesis (M. Eng.), Massachusetts Institute of Technology, Department of Electrical Engineering and Computer Science (2005)
Noel, S., Jajodia, S.: Managing attack graph complexity through visual hierarchical aggregation. In: VizSEC/DMSEC ’04: Proceedings of the 2004 ACM workshop on Visualization and data mining for computer security, pp. 109–118. ACM, New York, NY, USA (2004)
Paired Samples T-tests. http://www.statisticssolutions.com/methods-chapter/statistical-tests/paired-sample-t-test/
Reiterer, H., Muler, G.: A visual information seeking system for web search. In: Proceedings of the Oberquelle, H., Oppermann, R., Krause, J. (eds) Mensch& Computer Conference, pp. 297–306, (March 2001)
Reiterer, H., Tullius, G., Mann, T.: Insyder: A content-based visual-informationseeking system for the web. Springer-Verlag GmbH, International Journal on Digital Libraries (2005)
Saltzer, J., Schroeder, M., (1975) The protection of information in computer systems. In: Proceedings of the IEEE, pp. 1278–1308.
Sarna-Starosta, B., Stoller, S.D.: Policy analysis for security-enhanced linux. In: Proceedings of the 2004 Workshop on Issues in the Theory of Security (WITS), pp. 1–12 (April 2004)
Shankar, U., Jaeger, T., Sailer, R.: Toward automated information-flow integrity verification for security-critical applications. In: NDSS, The Internet Society (2006)
Shen, Z., Ma, K.: Path visualization for adjacency matrices. In: Proceedings of Eurographics/IEEE Symposium on Visualization (EuroVis), May 2007
Smalley, S.: Configuring the SELinux policy. http://www.nsa.gov/SELinux/docs.html, 2003
Sutcliffe, A.G., Ennis, M., Watkinson, S.J.: Empirical studies of end-user information searching. J. Am. Soc. Inf. Sci. 51(13), 1211–1231 (2000)
Secure computer systems: Unified exposition and multics interpretation. MITRE Corporation, 1976
System management concepts: Operating system and devices, 1 ed., (1999)
Thompson, R.S., Rantanen, E.M., Yurcik, W., Bailey, B.P.: Command line or pretty lines?: comparing textual and visual interfaces for intrusion detection. In: CHI ’07: Proceedings of the SIGCHI Conference on Human Factors in Computing Systems, pp. 1205. ACM, New York, NY, USA (2007)
Tran, T., Al-Shaer, E.S., Boutaba, R.: Policyvis: Firewall security policy visualization and inspection. In: Lisa, pp. 1–16 (2007)
Tresys Technology Apol. http://www.tresys.com/selinux/
Yao, D., Shin, M., Tamassia, R., Winsborough, W.H.: Visualization of automated trust negotiation. In: VizSEC 05: IEEE Workshop on Visualization for Computer, Security, Oct 2005
Yin, X., Yurcik, W., Treaster, M., Li, Y., Lakkaraju, K.: Visflowconnect: netflow visualizations of link relationships for security situational awareness. In: VizSEC/DMSEC ’04: Proceedings of the 2004 ACM Workshop on Visualization and Data Mining for Computer Security, pp. 26–34. ACM, New York, NY, USA (2004)
Yurcik, W.: Visualizing netflows for security at line speed: the sift tool suite. In: LISA’05: Proceedings of the 19th Conference on Large Installation System Administration Conference, pp. 169–176. USENIX Association, Berkeley, CA, USA (2005)
Yurcik, W.: Tool update: visflowconnect-ip with advanced filtering from usability testing. In: VizSEC ’06: Proceedings of the 3rd International Workshop on Visualization for Computer Security, pp. 63–64. ACM, New York, NY, USA (2006)
Acknowledgments
The work of Gail-Joon Ahn and Wenjuan Xu was partially supported by the grants from National Science Foundation and Department of Energy.
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Xu, W., Shehab, M. & Ahn, GJ. Visualization-based policy analysis for SELinux: framework and user study. Int. J. Inf. Secur. 12, 155–171 (2013). https://doi.org/10.1007/s10207-012-0180-7
Published:
Issue Date:
DOI: https://doi.org/10.1007/s10207-012-0180-7