Security Policy Analysis using Deductive Spreadsheets

Anu Singh, C. R. Ramakrishnan, I. V. Ramakrishnan, Scott Stoller, David S. Warren


As security policies get larger and more complex, analysis tools that help users understand and validate security policies are becoming more important. This paper explores the use of deductive spreadsheets for security policy analysis. Deductive spreadsheets combine the power of deductive rules (for specifying policies and analyses) with the usability of spreadsheets. This approach is introduced with a simple example of analyzing information flow allowed by RBAC policies and then applied in two case studies: analysis of computer system configurations and analysis of Security-Enhanced Linux access control policies.

Bibtex Entry:

author = {Anu Singh and  C. R. Ramakrishnan and  I. V. Ramakrishnan and  Scott Stoller and  David S. Warren},
title = {Security Policy Analysis using Deductive Spreadsheets},
booktitle = {5th ACM Workshop on Formal Methods in Security Engineering (FMSE)},
address = {Fairfax, Virginia},
month = {Nov},
pages = {42--50},
year = {2007}

Full Paper: [pdf]

Home | Papers

C. R. Ramakrishnan