{"id":"https://openalex.org/W4402005606","doi":"https://doi.org/10.1145/3690636","title":"Specifying and Verifying Information Flow Control in SELinux Configurations","display_name":"Specifying and Verifying Information Flow Control in SELinux Configurations","publication_year":2024,"publication_date":"2024-08-29","ids":{"openalex":"https://openalex.org/W4402005606","doi":"https://doi.org/10.1145/3690636"},"language":"en","primary_location":{"id":"doi:10.1145/3690636","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3690636","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3690636","source":{"id":"https://openalex.org/S4210174050","display_name":"ACM Transactions on Privacy and Security","issn_l":"2471-2566","issn":["2471-2566","2471-2574"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ACM Transactions on Privacy and Security","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"bronze","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3690636","any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5082476880","display_name":"Lorenzo Ceragioli","orcid":"https://orcid.org/0000-0002-1288-9623"},"institutions":[{"id":"https://openalex.org/I127077003","display_name":"IMT School for Advanced Studies Lucca","ror":"https://ror.org/035gh3a49","country_code":"IT","type":"education","lineage":["https://openalex.org/I127077003"]}],"countries":["IT"],"is_corresponding":true,"raw_author_name":"Lorenzo Ceragioli","raw_affiliation_strings":["IMT School for Advanced Studies Lucca, Lucca, Italy"],"affiliations":[{"raw_affiliation_string":"IMT School for Advanced Studies Lucca, Lucca, Italy","institution_ids":["https://openalex.org/I127077003"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5043354136","display_name":"Letterio Galletta","orcid":"https://orcid.org/0000-0003-0351-9169"},"institutions":[{"id":"https://openalex.org/I127077003","display_name":"IMT School for Advanced Studies Lucca","ror":"https://ror.org/035gh3a49","country_code":"IT","type":"education","lineage":["https://openalex.org/I127077003"]}],"countries":["IT"],"is_corresponding":false,"raw_author_name":"Letterio Galletta","raw_affiliation_strings":["IMT School for Advanced Studies Lucca, Lucca Italy"],"affiliations":[{"raw_affiliation_string":"IMT School for Advanced Studies Lucca, Lucca Italy","institution_ids":["https://openalex.org/I127077003"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5055365661","display_name":"Pierpaolo Degano","orcid":"https://orcid.org/0000-0002-8070-4838"},"institutions":[{"id":"https://openalex.org/I108290504","display_name":"University of Pisa","ror":"https://ror.org/03ad39j10","country_code":"IT","type":"education","lineage":["https://openalex.org/I108290504"]},{"id":"https://openalex.org/I127077003","display_name":"IMT School for Advanced Studies Lucca","ror":"https://ror.org/035gh3a49","country_code":"IT","type":"education","lineage":["https://openalex.org/I127077003"]}],"countries":["IT"],"is_corresponding":false,"raw_author_name":"Pierpaolo Degano","raw_affiliation_strings":["Universit\u00e0 di Pisa, Pisa Italy and IMT School for Advanced Studies Lucca, Lucca Italy"],"affiliations":[{"raw_affiliation_string":"Universit\u00e0 di Pisa, Pisa Italy and IMT School for Advanced Studies Lucca, Lucca Italy","institution_ids":["https://openalex.org/I127077003","https://openalex.org/I108290504"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5025344654","display_name":"David Basin","orcid":"https://orcid.org/0000-0003-2952-939X"},"institutions":[{"id":"https://openalex.org/I35440088","display_name":"ETH Zurich","ror":"https://ror.org/05a28rw58","country_code":"CH","type":"education","lineage":["https://openalex.org/I2799323385","https://openalex.org/I35440088"]}],"countries":["CH"],"is_corresponding":false,"raw_author_name":"David Basin","raw_affiliation_strings":["ETH Zurich, Zurich Switzerland"],"affiliations":[{"raw_affiliation_string":"ETH Zurich, Zurich Switzerland","institution_ids":["https://openalex.org/I35440088"]}]}],"institutions":[],"countries_distinct_count":2,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5082476880"],"corresponding_institution_ids":["https://openalex.org/I127077003"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.11964092,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":"27","issue":"4","first_page":"1","last_page":"35"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9998999834060669,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9932000041007996,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11614","display_name":"Cloud Data Security Solutions","score":0.9824000000953674,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8516677618026733},{"id":"https://openalex.org/keywords/mandatory-access-control","display_name":"Mandatory access control","score":0.7559705376625061},{"id":"https://openalex.org/keywords/access-control","display_name":"Access control","score":0.6787334084510803},{"id":"https://openalex.org/keywords/information-flow","display_name":"Information flow","score":0.6242125630378723},{"id":"https://openalex.org/keywords/security-policy","display_name":"Security policy","score":0.556835949420929},{"id":"https://openalex.org/keywords/confidentiality","display_name":"Confidentiality","score":0.4563274383544922},{"id":"https://openalex.org/keywords/control-flow","display_name":"Control flow","score":0.4444020688533783},{"id":"https://openalex.org/keywords/control","display_name":"Control (management)","score":0.4372447431087494},{"id":"https://openalex.org/keywords/application-security","display_name":"Application security","score":0.4213272035121918},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.4083673059940338},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.3945770263671875},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.31688597798347473},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.2775377929210663},{"id":"https://openalex.org/keywords/role-based-access-control","display_name":"Role-based access control","score":0.18396613001823425},{"id":"https://openalex.org/keywords/software-security-assurance","display_name":"Software security assurance","score":0.15181168913841248},{"id":"https://openalex.org/keywords/security-service","display_name":"Security service","score":0.120612233877182}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8516677618026733},{"id":"https://openalex.org/C2777407602","wikidata":"https://www.wikidata.org/wiki/Q1888932","display_name":"Mandatory access control","level":4,"score":0.7559705376625061},{"id":"https://openalex.org/C527821871","wikidata":"https://www.wikidata.org/wiki/Q228502","display_name":"Access control","level":2,"score":0.6787334084510803},{"id":"https://openalex.org/C2779136372","wikidata":"https://www.wikidata.org/wiki/Q10283002","display_name":"Information flow","level":2,"score":0.6242125630378723},{"id":"https://openalex.org/C154908896","wikidata":"https://www.wikidata.org/wiki/Q2167404","display_name":"Security policy","level":2,"score":0.556835949420929},{"id":"https://openalex.org/C71745522","wikidata":"https://www.wikidata.org/wiki/Q2476929","display_name":"Confidentiality","level":2,"score":0.4563274383544922},{"id":"https://openalex.org/C160191386","wikidata":"https://www.wikidata.org/wiki/Q868299","display_name":"Control flow","level":2,"score":0.4444020688533783},{"id":"https://openalex.org/C2775924081","wikidata":"https://www.wikidata.org/wiki/Q55608371","display_name":"Control (management)","level":2,"score":0.4372447431087494},{"id":"https://openalex.org/C77109596","wikidata":"https://www.wikidata.org/wiki/Q4781497","display_name":"Application security","level":5,"score":0.4213272035121918},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.4083673059940338},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.3945770263671875},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.31688597798347473},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.2775377929210663},{"id":"https://openalex.org/C45567728","wikidata":"https://www.wikidata.org/wiki/Q1702839","display_name":"Role-based access control","level":3,"score":0.18396613001823425},{"id":"https://openalex.org/C62913178","wikidata":"https://www.wikidata.org/wiki/Q7554361","display_name":"Software security assurance","level":4,"score":0.15181168913841248},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.120612233877182},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.0},{"id":"https://openalex.org/C41895202","wikidata":"https://www.wikidata.org/wiki/Q8162","display_name":"Linguistics","level":1,"score":0.0},{"id":"https://openalex.org/C138885662","wikidata":"https://www.wikidata.org/wiki/Q5891","display_name":"Philosophy","level":0,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3690636","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3690636","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3690636","source":{"id":"https://openalex.org/S4210174050","display_name":"ACM Transactions on Privacy and Security","issn_l":"2471-2566","issn":["2471-2566","2471-2574"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ACM Transactions on Privacy and Security","raw_type":"journal-article"}],"best_oa_location":{"id":"doi:10.1145/3690636","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3690636","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3690636","source":{"id":"https://openalex.org/S4210174050","display_name":"ACM Transactions on Privacy and Security","issn_l":"2471-2566","issn":["2471-2566","2471-2574"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310319798","host_organization_name":"Association for Computing Machinery","host_organization_lineage":["https://openalex.org/P4310319798"],"host_organization_lineage_names":["Association for Computing Machinery"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"ACM Transactions on Privacy and Security","raw_type":"journal-article"},"sustainable_development_goals":[{"score":0.5199999809265137,"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions"}],"awards":[],"funders":[],"has_content":{"grobid_xml":false,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4402005606.pdf"},"referenced_works_count":23,"referenced_works":["https://openalex.org/W644720917","https://openalex.org/W1489391022","https://openalex.org/W1585890653","https://openalex.org/W1966354044","https://openalex.org/W1972532809","https://openalex.org/W1977764760","https://openalex.org/W1982470463","https://openalex.org/W2061056245","https://openalex.org/W2088480117","https://openalex.org/W2094873755","https://openalex.org/W2116860113","https://openalex.org/W2122049982","https://openalex.org/W2135870733","https://openalex.org/W2152505375","https://openalex.org/W2158126684","https://openalex.org/W2524423996","https://openalex.org/W2617413542","https://openalex.org/W2725468844","https://openalex.org/W2903201009","https://openalex.org/W3013345605","https://openalex.org/W3046976810","https://openalex.org/W4241918769","https://openalex.org/W4312499531"],"related_works":["https://openalex.org/W1575986870","https://openalex.org/W1514244613","https://openalex.org/W2105261429","https://openalex.org/W2128487827","https://openalex.org/W1969848899","https://openalex.org/W3102965473","https://openalex.org/W2953659785","https://openalex.org/W2342414279","https://openalex.org/W2022781334","https://openalex.org/W2032731920"],"abstract_inverted_index":{"Security":[0],"Enhanced":[1],"Linux":[2,9],"(SELinux)":[3],"is":[4,31,84],"a":[5,90,105,112,137],"security":[6,35],"architecture":[7],"for":[8,118],"implementing":[10],"Mandatory":[11],"Access":[12],"Control.":[13],"It":[14],"has":[15],"been":[16],"used":[17],"in":[18,79],"numerous":[19],"security-critical":[20],"contexts":[21],"ranging":[22],"from":[23],"servers":[24],"to":[25,39,51,60,73,87,139],"mobile":[26],"devices.":[27],"However,":[28],"its":[29],"application":[30],"challenging":[32],"as":[33,75],"SELinux":[34],"policies":[36],"are":[37,71],"difficult":[38],"write,":[40],"understand,":[41],"and":[42,59,108,131,144],"maintain.":[43],"Recently,":[44],"the":[45,53],"intermediate":[46],"language":[47],"CIL":[48,69,103,117],"was":[49],"introduced":[50],"foster":[52],"development":[54],"of":[55,116],"high-level":[56],"policy":[57],"languages":[58],"write":[61],"structured":[62],"configurations.":[63],"Despite":[64],"CIL\u2019s":[65],"high":[66],"level":[67],"features,":[68],"configurations":[70],"hard":[72],"understand":[74],"different":[76],"constructs":[77],"interact":[78],"non-trivial":[80],"ways.":[81],"Moreover,":[82],"there":[83],"no":[85],"mechanism":[86],"ensure":[88],"that":[89],"given":[91],"configuration":[92],"obeys":[93],"desired":[94],"information":[95,121],"flow":[96,122],"policies.":[97,152],"To":[98],"remedy":[99],"this,":[100],"we":[101,109,145],"enrich":[102],"with":[104],"formal":[106],"semantics,":[107],"propose":[110],"IFCIL,":[111,125],"backward":[113],"compatible":[114],"extension":[115],"specifying":[119],"fine-grained":[120],"requirements.":[123],"Using":[124],"administrators":[126],"can":[127],"express":[128],"confidentiality,":[129],"integrity,":[130],"non-interference":[132],"properties.":[133],"We":[134],"also":[135],"provide":[136],"tool":[138],"statically":[140],"verify":[141],"these":[142],"requirements":[143],"experimentally":[146],"assess":[147],"it":[148],"on":[149],"ten":[150],"real-world":[151]},"counts_by_year":[],"updated_date":"2026-03-27T05:58:40.876381","created_date":"2025-10-10T00:00:00"}