Limiting Recertification in Highly Configurable Systems Analyzing Interactions and Isolation among Configuration Options
| Title | Limiting Recertification in Highly Configurable Systems Analyzing Interactions and Isolation among Configuration Options |
| Publication Type | Conference Proceedings |
| Year of Publication | 2014 |
| Authors | Christian Kästner, Jurgen Pfeffer |
| Conference Name | HotSoS '14 Proceedings of the 2014 Symposium and Bootcamp on the Science of Security |
| Date Published | 04/2014 |
| Publisher | ACM New York, NY, USA ©2014 |
| Conference Location | Raleigh, NC |
| ISBN Number | 978-1-4503-2907-1 |
| Keywords | certification, CMU, composability, configuration options, July'14, network analysis, security metrics |
| Abstract | In highly configurable systems the configuration space is too big for (re-)certifying every configuration in isolation. In this project, we combine software analysis with network analysis to detect which configuration options interact and which have local effects. Instead of analyzing a system as Linux and SELinux for every combination of configuration settings one by one (>102000 even considering compile-time configurations only), we analyze the effect of each configuration option once for the entire configuration space. The analysis will guide us to designs separating interacting configuration options in a core system and isolating orthogonal and less trusted configuration options from this core. |
| DOI | 10.1145/2600176.2600199 |
| Citation Key | node-30342 |
| Attachment | Size |
|---|---|
| bytes |
Groups: