{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,1]],"date-time":"2026-04-01T14:38:42Z","timestamp":1775054322229,"version":"3.50.1"},"publisher-location":"Cham","reference-count":30,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783319279978","type":"print"},{"value":"9783319279985","type":"electronic"}],"license":[{"start":{"date-parts":[[2015,1,1]],"date-time":"2015-01-01T00:00:00Z","timestamp":1420070400000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2015]]},"DOI":"10.1007\/978-3-319-27998-5_19","type":"book-chapter","created":{"date-parts":[[2016,1,29]],"date-time":"2016-01-29T06:08:51Z","timestamp":1454047731000},"page":"294-309","source":"Crossref","is-referenced-by-count":4,"title":["SCIATool: A Tool for Analyzing SELinux Policies Based on Access Control Spaces, Information Flows and CPNs"],"prefix":"10.1007","author":[{"given":"Gaoshou","family":"Zhai","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Tao","family":"Guo","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Jie","family":"Huang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2016,1,30]]},"reference":[{"key":"19_CR1","unstructured":"Smalley, S., Vance, C., Salamon, W.: Implementing SELinux as a linux security module. NAI labs report #01-043 (2006)"},{"key":"19_CR2","unstructured":"Smalley. S.: Configuring the SELinux policy. NAI Labs Report #02-007 (2005)"},{"issue":"3","key":"19_CR3","doi-asserted-by":"publisher","first-page":"327","DOI":"10.1145\/937527.937528","volume":"6","author":"T Jaeger","year":"2003","unstructured":"Jaeger, T., Zhang, X., Edwards, A.: Policy management using access control space. ACM Trans. Inf. Syst. Secur. 6(3), 327\u2013364 (2003)","journal-title":"ACM Trans. Inf. Syst. Secur."},{"key":"19_CR4","doi-asserted-by":"crossref","unstructured":"Zanin, G., Mancini, L.V.: Towards a formal model for security policies specification and validation in the SELinux system. In: Proceedings of the 9th ACM Symposium on Access Control Models and Technologies, pp. 136\u2013145. Association for Computing Machinery (ACM), New York (2004)","DOI":"10.1145\/990036.990059"},{"issue":"1","key":"19_CR5","first-page":"71","volume":"7","author":"Gaoshou Zhai","year":"2013","unstructured":"Zhai, Gaoshou, Tong, Wu: Algorithms for automatic analysis of SELinux security policy. Int. J. Secur. Appl. 7(1), 71\u201384 (2013)","journal-title":"Int. J. Secur. Appl."},{"issue":"2","key":"19_CR6","first-page":"229","volume":"6","author":"Gaoshou Zhai","year":"2012","unstructured":"Zhai, Gaoshou, Tong, Wu: Automatic analysis method for SELinux security policy. Int. J. Secur. Appl. 6(2), 229\u2013234 (2012)","journal-title":"Int. J. Secur. Appl."},{"key":"19_CR7","unstructured":"Guttman, J.D., Herzog, A.L., Ramsdell, J.D.: Information flow in operating systems: eager formal methods. In: Workshop on Issues in the Theory of Security (WITS 2003). IFIP WG 1.7, ACM SIGPLAN and GI FoMSESS. Warsaw, Poland (2003)"},{"key":"19_CR8","doi-asserted-by":"crossref","first-page":"115","DOI":"10.3233\/JCS-2005-13105","volume":"13","author":"JD Guttman","year":"2005","unstructured":"Guttman, J.D., Herzog, A.L., Ramsdell, J.D., Skorupka, C.W.: Verifying information flow goals in security-enhanced linux. J. Comput. Secur. 13, 115\u2013134 (2005)","journal-title":"J. Comput. Secur."},{"key":"19_CR9","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"389","DOI":"10.1007\/11908739_28","volume-title":"Advances in Information and Computer Security","author":"Y-M Chen","year":"2006","unstructured":"Chen, Y.-M., Kao, Y.-W.: Information flow query and verification for security policy of security-enhanced linux. In: Yoshiura, H., Sakurai, K., Rannenberg, K., Murayama, Y., Kawamura, S.-I. (eds.) IWSEC 2006. LNCS, vol. 4266, pp. 389\u2013404. Springer, Heidelberg (2006)"},{"key":"19_CR10","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"67","DOI":"10.1007\/978-3-642-25283-9_5","volume-title":"Trusted Systems","author":"L Gu","year":"2011","unstructured":"Gu, L., Guo, Y., Yang, Y., Bao, F., Mei, H.: Modeling TCG-based secure systems with colored petri nets. In: Chen, L., Yung, M. (eds.) INTRUST 2010. LNCS, vol. 6802, pp. 67\u201386. Springer, Heidelberg (2011)"},{"key":"19_CR11","doi-asserted-by":"crossref","unstructured":"Ahn, G.J., Xu, W., Zhang, X.: Systematic policy analysis for high-assurance services in SELinux. In: Proceedings of 2008 IEEE Workshop on Policies for Distributed Systems and Networks, pp. 3\u201310. IEEE Computer Society (2008)","DOI":"10.1109\/POLICY.2008.18"},{"issue":"11","key":"19_CR12","first-page":"35","volume":"4","author":"Tao Guo","year":"2013","unstructured":"Guo, Tao, Zhai, Gaoshou: Automatic analysis of SELinux security policies based on colored petri-net (in Chinese). Inf. Secur. Technol. 4(11), 35\u201340 (2013)","journal-title":"Inf. Secur. Technol."},{"key":"19_CR13","unstructured":"Jaeger, T., Sailer, R., Zhang, X.: Analyzing integrity protection in the SELinux example policy. In: Proceedings of the 12th USENIX Security Symposium, pp. 59\u201374. Washington, D.C., USA (2003)"},{"key":"19_CR14","doi-asserted-by":"crossref","unstructured":"Jaeger, T., Sailer, R., Zhang, X.: Resolving constraint conflicts. In: SACMAT 2004, pp. 105\u2013114. Yorktown Heights, New York, USA (2004)","DOI":"10.1145\/990036.990053"},{"key":"19_CR15","unstructured":"Guttman, J.D., Herzog, A.L., Ramsdell, J.D.: SLAT: information flow in security enhanced linux. Included in the SLAT distribution, available from \n                    http:\/\/www.nsa.gov\/SELinux\n                    \n                   (2003)"},{"key":"19_CR16","unstructured":"Sarna-Starosta, B., Stoller, S.D.: Policy analysis for security-enhanced linux. In: Proceedings of the Workshop on Issues in the Theory of Security (WITS 2004), pp. 1\u201312. IFIP WG 1.7, ACM SIGPLAN and GI FoMSESS. Barcelona, Spain (2004)"},{"issue":"3","key":"19_CR17","doi-asserted-by":"publisher","first-page":"26","DOI":"10.1145\/1805974.1805982","volume":"13","author":"B Hicks","year":"2010","unstructured":"Hicks, B., Rueda, S., St. Clair, L., Jaeger, T., McDaniel, P.: A logical specification and analysis for SELinux MLS policy. ACM Trans. Inf. Syst. Secur. 13(3), 26 (2010)","journal-title":"ACM Trans. Inf. Syst. Secur."},{"key":"19_CR18","unstructured":"Kissinger, A., Hale, J.C.: Lopol: a deductive database approach to policy analysis and rewriting. In: Proceedings of the Second Annual Security-enhanced Linux Symposium. Baltimore, Maryland, USA (2006)"},{"key":"19_CR19","doi-asserted-by":"crossref","unstructured":"Singh, A., Amakrishnan, C.R., Ramakrishnan, I.V.: Security policy analysis using deductive spreadsheets. In: FMSE 2007, pp. 42\u201350. Fairfax, Virginia, USA (2007)","DOI":"10.1145\/1314436.1314443"},{"key":"19_CR20","doi-asserted-by":"crossref","unstructured":"Amthor, P., K\u00fchnhauser, W.E., P\u00f6lck, A.: Model-based safety analysis of SELinux security policies. In: 2011 5th International Conference on Network and System Security (NSS), pp. 208\u2013215. IEEE Press, New York (2011)","DOI":"10.1109\/ICNSS.2011.6060002"},{"key":"19_CR21","doi-asserted-by":"crossref","unstructured":"Marouf, S., Phuong, D.M., Shehab, M.: A learning-based approach for SELinux policy optimization with type mining. In: Proceedings of the Sixth Annual Workshop on Cyber Security and Information Intelligence Research (CSIIRW 2010). ACM, New York (2010)","DOI":"10.1145\/1852666.1852746"},{"key":"19_CR22","unstructured":"Tresys Technology: SETools\u2014policy analysis tools for SELinux. \n                    http:\/\/oss.tresys.com\/projects\/setools"},{"key":"19_CR23","doi-asserted-by":"publisher","first-page":"155","DOI":"10.1007\/s10207-012-0180-7","volume":"12","author":"X Wenjuan","year":"2013","unstructured":"Wenjuan, X., Shehab, M., Ahn, G.-J.: Visualization-based policy analysis for SELinux: framework and user study. Int. J. Inf. Secur. 12, 155\u2013171 (2013)","journal-title":"Int. J. Inf. Secur."},{"key":"19_CR24","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"596","DOI":"10.1007\/978-3-642-35236-2_60","volume-title":"Active Media Technology","author":"P Clemente","year":"2012","unstructured":"Clemente, P., Kaba, B., Rouzaud-Cornabas, J., Alexandre, M., Aujay, G.: SPTrack: visual analysis of information flows within SELinux policies and attack logs. In: Huang, R., Ghorbani, A.A., Pasi, G., Yamaguchi, T., Yen, N.Y., Jin, B. (eds.) AMT 2012. LNCS, vol. 7669, pp. 596\u2013605. Springer, Heidelberg (2012)"},{"key":"19_CR25","doi-asserted-by":"crossref","unstructured":"Marouf, S., Shehab, M.: SEGrapher: visualization-based SELinux policy analysis. In: 2011 4th Symposium on Configuration Analytics and Automation (SAFECONFIG), pp. 1\u20138. Arlington, VA. IEEE Press, New York (2011)","DOI":"10.1109\/SafeConfig.2011.6111675"},{"key":"19_CR26","doi-asserted-by":"publisher","first-page":"40","DOI":"10.1016\/j.cose.2014.01.002","volume":"42","author":"P Amthor","year":"2014","unstructured":"Amthor, P., Kuhnhauser, W.E., Polck, A.: WorSE: a workbench for model-based security engineering. Comput. Secur. 42, 40\u201355 (2014)","journal-title":"Comput. Secur."},{"key":"19_CR27","unstructured":"Athey, J., Ashworth, C., Mayer, F., Miner, D.: Towards Intuitive tools for managing SELinux: hiding the details but retaining the power. Tresys Technology. \n                    http:\/\/www.tresys.com\/innovation\/papers\/Power_of_SELinux.pdf\n                    \n                  . Accessed 12 March 2007"},{"key":"19_CR28","unstructured":"MacMillan, K., Brindle, J., Mayer, F., Caplan, D., Tang, J.: Design and Implementation of the SELinux policy management server. Tresys Technology. \n                    http:\/\/www.tresys.com\/innovation\/papers\/Design-And-Implementation-of-PMS.pdf\n                    \n                  . Accessed 1 March 2006"},{"key":"19_CR29","unstructured":"Singh, S.: Automatic verification of security policy implementations. Doctoral Dissertation in Computer Science, University of Illinois at Urbana-Champaign (2012)"},{"key":"19_CR30","first-page":"201","volume":"18","author":"Y Nakamura","year":"2010","unstructured":"Nakamura, Y., Sameshima, Y., Yamauchi, T.: SELinux security policy configuration system with higher level language. J. Inf. Process. 18, 201\u2013212 (2010)","journal-title":"J. Inf. Process."}],"container-title":["Lecture Notes in Computer Science","Trusted Systems"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-27998-5_19","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,6,1]],"date-time":"2019-06-01T08:42:15Z","timestamp":1559378535000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-27998-5_19"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2015]]},"ISBN":["9783319279978","9783319279985"],"references-count":30,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-27998-5_19","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2015]]}}}