Date of Award


Document Type

Master's report

Degree Name

Master of Science in Computer Science (MS)

College, School or Department Name

Department of Computer Science


Jean Mayo


The high complexity of advanced security models in the modern trusted systems requires an effective formal education for students. Education access control tools have been promoted. Though they can benefit the learning through analyzing or visualizing access control policies, few of them are designed to teach development of access control policies.

In this report, we propose an access control programming library which can provide students hand-on experience with the effect of an access control policy on a running program. A student can write a policy and then run programs under the policy. The Programming Library provides a system call wrapper API which enforces the developed policy in the execution of a process. The program and policy exist at the user level. No administrator access is required. From another hand, students can monitor how the process is affected by the policy through this tool and adjust the rules accordingly. Furthermore, an Access Control Shell was designed as an interactive command interface to execute the wrapper APIs, as well as a test platform or a container to launch student program. Finally, we defined an interface for further communication with existing visualization tools, which depict the program execution using visualizations specific to the policy model.