Department of Computer Science
The integrity of systems files is necessary for the secure functioning of an operating system. Integrity is not generally discussed in terms of complete computer systems. Instead, integrity issues tend to be either tightly coupled to a particular domain (e.g. database constraints), or else so broad as to be useless except after the fact (e.g. backups). Often, file integrity is determined by who modifies the file or by a checksum. This paper focuses on a general model of the internal integrity of a file. Even if a file is modified by a subject with trust or has a valid checksum, it may not meet the specification of a valid file. An example would be a password file with no user assigned a user id of 0. In this paper, we describe a language called Maia that provides a means to specify what the contents of a valid file should be. Maia can be used to specify the format and valid properties of system configuration files, PNG files and others. We give a structural operational semantics of Ma ia and discuss an initial implementation within a mandatory integrity system.
Proceedings of the 5th International Conference on Information Systems Security and Privacy
Maia: A language for mandatory integrity controls of structured data.
Proceedings of the 5th International Conference on Information Systems Security and Privacy,
Retrieved from: https://digitalcommons.mtu.edu/michigantech-p/1340
Creative Commons License
This work is licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 4.0 License.