CASPR: Context-Aware Security Policy Recommendation

Lifang Xiao

Network and Distributed System Security (NDSS) Symposium 2025 · Day 3 · Software Security: Applications & Policies

The talk "CASPR: Context-Aware Security Policy Recommendation" introduces an approach to automating and improving the configuration of security policies, focusing specifically on **Security-Enhanced Linux (SELinux)**. Presented by Ken from the University of Chinese Academy of Sciences on behalf of the original authors, the research addresses the challenge of manually managing complex access control policies. SELinux, a mandatory access control system, relies on carefully defined security policies to enforce the principle of least privilege, preventing unauthorized access and protecting system integrity. However, the sheer volume of policy rules and their intricate semantics make manual configuration time-consuming, expertise-intensive, and error-prone.

AI review

Competent academic systems security paper solving a real and underserved problem — SELinux policy automation is genuinely painful and the context-aware clustering approach is a credible contribution. The 92.44% accuracy headline and anomaly detection results are reasonable for an NDSS-caliber paper, but this doesn't push the envelope enough to be memorable, and the presentation (a proxy delivery on behalf of absent authors) limits the ceiling.
