@inproceedings{50a6ed9dc498401eb71539e6dc98a232,
title = "Security policy analysis using deductive spreadsheets",
abstract = "As security policies get larger and more complex, analysis tools that help users understand and validate security policies are becoming more important.This paper explores the use of deductive spreadsheets for security policy analysis.Deductive spreadsheets combine the power ofdeductive rules (for specifying policies and analyses) with the usability of spreadsheets.This approach is introduced with a simple example of analyzing information flow allowed by RBAC policies and then applied in two case studies: analysis of computer system configurations and analysisof Security-Enhanced Linux access control policies.",
keywords = "SELinux policy, Security policy analysis, Vulnerability analysis",
author = "Anu Singh and Ramakrishnan, \{C. R.\} and Ramakrishnan, \{I. V.\} and Stoller, \{Scott D.\} and Warren, \{David S.\}",
year = "2007",
doi = "10.1145/1314436.1314443",
language = "English",
isbn = "9781595938879",
series = "FMSE'07 - Proceedings of the 2007 ACM Workshop on Formal Methods in Security Engineering",
pages = "42--50",
booktitle = "FMSE'07 - Proceedings of the 2007 ACM Workshop on Formal Methods in Security Engineering",
note = "5th ACM Workshop on Formal Methods in Security Engineering, FMSE 2007 ; Conference date: 02-11-2007 Through 02-11-2007",
}