A New Approach to Security Evaluation of Operating Systems

  • Peter D. Zegzhda
  • Dmitry P. Zegzhda
  • Maxim O. Kalinin
Conference paper
Part of the Communications in Computer and Information Science book series (CCIS, volume 1)


This paper addresses to the technique of security evaluation based on security attributes analysis in discretionary access control. A multi-level framework is built to calculate a set of effective user’s permissions automatically. Information about the effective access rights is necessary during security verification procedure. In this paper we also propose a schema of Security Evaluation System.


access control effective access permissions evaluation multi-level framework of security attribute security 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
  2. 2.
    Dillard, K., Maldonado, J., Warrender, B.: Microsoft Solutions for Security. Windows Server 2003 Security Guide. Microsoft (2003)Google Scholar
  3. 3.
    Common Criteriag. ISO/IEC 15408. Information technology. Security techniques. Evaluation criteria for IT security (2005)Google Scholar
  4. 4.
    Jajodia, S., Samarati, P., Subrahmanian, V.S.: A Logical Language for Expressing Authorizations. In: Proc. of the IEEE Symposium on Security and Privacy, IEEE Computer Society Press, Los Alamitos (1997)Google Scholar
  5. 5.
    Hoagland, J.A., Panday, R., Levitt, K.N.: Security Policy Specification Using a Graphical Approach. Tech. report CSE-98-3 (1998)Google Scholar
  6. 6.
    Dai, J., Alves-Foss, J.: A Formal Authorization Policy Model. Proc. Software Engineering Research & Applications (2003)Google Scholar
  7. 7.
    Ou, X., Govindavajhala, S., Appel, A.W.: MulVAL: A logic-based network security analyzer. In: 14th USENIX Security Symposium (2005)Google Scholar
  8. 8.
    Windows Access Control Demystified. Technical Report TR-744-06Google Scholar
  9. 9.
    Harrison, M.H., Ruzzo, W.L., Ullman, J.D.: Protection in operating systems. Communications of the ACM 19(8) (1976)Google Scholar
  10. 10.
    LaPadula, L.J., Bell, D.E.: Secure computer systems: A mathematical model, ESD-TR-278, V. 2, The Mitre Corp. (1973)Google Scholar
  11. 11.
    Ferraiolo, D., Kuhn, R.: Role-based access controls. In: Proc. of the 15th NIST-NCSC National Computer Security Conference (1992)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2007

Authors and Affiliations

  • Peter D. Zegzhda
  • Dmitry P. Zegzhda
    • 1
  • Maxim O. Kalinin
    • 1
  1. 1.Information Security Centre of Saint-Petersburg Polytechnical UniversitySaint-PetersburgRussia

Personalised recommendations