    Supporting access control policies across multiple operating systems

    The evaluation of computer systems has been an important issue for many years, as evidenced by the introduction of industry evaluation guides such as the Rainbow Books and the more recent Common Criteria for IT Security Evaluation. As organizations depend on the Internet for their daily operations, the need for evaluation is even more apparent due to new security risks. It is not uncommon for large organizations to evaluate different systems, such as operating systems, to identify which would best fit their security policy. Each system would undoubtedly use different methods to represent access control policies. The security policy would therefore need to be translated into specific access control policies that each system understands, which is challenging when large and complex systems are involved. In this paper, we focus on the evaluation of operating systems. We describe Chameleos, a policy specification language that is designed to specify the access control policies of multiple operating systems. The strength of Chameleos is its flexibility to cater to many operating systems, while remaining sufficiently extensible to support the specific features of each system. We describe the design and architecture of Chameleos, and demonstrate that Chameleos can flexibly and effectively represent the access control policies of grsecurity and SELinux – two very different systems.