V3SPA: A visual analysis, exploration, and diffing tool for SELinux and SEAndroid security policies

SELinux policies have enormous potential to enforce granular security requirements, but the size and complexity of SELinux security policies make them challenging for security policy administrators to determine whether the implemented policy meets an organization's security requirements. To address the challenges in developing and maintaining SELinux security policies, this paper presents V3SPA (Verification, Validation and Visualization of Security Policy Abstractions). V3SPA is a tool that can import SELinux and Security Enhancements (SE) for Android source or binary policies and visualize them using two views: A policy explorer, and a policy differ. The policy explorer supports users in exploring a policy and understanding the relationships defined by the policy. The diffing view is designed to support differential policy analysis, showing the changes between two versions of a policy. The main contributions of this paper are 1) the design of the policy explorer, and the design and novel usecase for the policy differ, 2) a report on system design considerations to enable the graph visualizations to scale up to visualizing policies with tens of thousands of nodes and edges, and 3) a survey of five SELinux and SE for Android policy developers and analysts. The results of the survey indicate a need for tools such as V3SPA to help policy workers understand the big picture of large, complex security policies.

[1]  Nicholas Chen,et al.  TreeJuxtaposer : Scalable Tree Comparison using Focus + Context with Guaranteed Visibility , 2006 .

[2]  Ben Shneiderman,et al.  Group-in-a-Box Layout for Multi-faceted Analysis of Communities , 2011, 2011 IEEE Third Int'l Conference on Privacy, Security, Risk and Trust and 2011 IEEE Third Int'l Conference on Social Computing.

[3]  Peng Ning,et al.  EASEAndroid: Automatic Policy Analysis and Refinement for Security Enhanced Android via Large-Scale Semi-Supervised Learning , 2015, USENIX Security Symposium.

[4]  Stephen Smalley,et al.  Integrating Flexible Support for Security Policies into the Linux Operating System , 2001, USENIX Annual Technical Conference, FREENIX Track.

[5]  Mohamed Shehab,et al.  SEGrapher: Visualization-based SELinux policy analysis , 2011, 2011 4th Symposium on Configuration Analytics and Automation (SAFECONFIG).

[6]  Ben Shneiderman,et al.  TreeVersity: Interactive Visualizations for Comparing Hierarchical Data Sets , 2013 .

[7]  Stephen Smalley,et al.  The Inevitability of Failure: The Flawed Assumption of Security in Modern Computing Environments , 2000 .

[8]  M. Sheelagh T. Carpendale,et al.  A Review of Temporal Data Visualizations Based on Space-Time Cube Operations , 2014, EuroVis.

[9]  Hong Chen,et al.  Analyzing and Comparing the Protection Quality of Security Enhanced Operating Systems , 2009, NDSS.

[10]  Mathieu Bastian,et al.  Gephi: An Open Source Software for Exploring and Manipulating Networks , 2009, ICWSM.

[11]  Karsten Klein,et al.  High-Quality Ultra-Compact Grid Layout of Grouped Networks , 2016, IEEE Transactions on Visualization and Computer Graphics.

[12]  Lujo Bauer,et al.  Expandable grids for visualizing and authoring computer security policies , 2008, CHI.

[13]  Peter Loscocco,et al.  Meeting Critical Security Objectives with Security-Enhanced Linux , 2001 .

[14]  Stephen Smalley,et al.  Security Enhanced (SE) Android: Bringing Flexible MAC to Android , 2013, NDSS.

[15]  Gail-Joon Ahn,et al.  Visualization-based policy analysis for SELinux: framework and user study , 2012, International Journal of Information Security.

[16]  Patrice Clemente,et al.  SPTrack: Visual Analysis of Information Flows within SELinux Policies and Attack Logs , 2012, AMT.

[17]  Peter Eades,et al.  FADE: Graph Drawing, Clustering, and Visual Abstraction , 2000, GD.

[18]  Gail-Joon Ahn,et al.  Visualization based policy analysis: case study in SELinux , 2008, SACMAT '08.

[19]  David Caplan,et al.  SELinux by Example: Using Security Enhanced Linux (Prentice Hall Open Source Software Development Series) , 2006 .

[20]  Qian Xu,et al.  Visualization Analysis of Multi-Domain Access Control Policy Integration Based on Tree-Maps and Semantic Substrates , 2012 .

[21]  Kim Marriott,et al.  HOLA: Human-like Orthogonal Network Layout , 2016, IEEE Transactions on Visualization and Computer Graphics.