Policy-Enhanced Linux
نویسنده
چکیده
Graduates from the various computer fields need to have a better education in the area of computer security problems and their solutions. In particular, there appears to be little exposure to the enforcement of non-discretionary or Mandatory Access Control (MAC) policies in automated systems. One cause of this deficiency is the expense, limited availability, and limited functionality of operating systems that support such policies. This paper provides a detailed description of an effort to modify the Linux operating system to support MAC policies and overcome these obstacles, with the hope that it can be used to improve computer security education.
منابع مشابه
Policy Analysis for Security-Enhanced Linux
Security-Enhanced Linux (SELinux) extends Linux with a flexible mandatory access control mechanism that enforces security policies expressed in SELinux’s policy language. Determining whether a given policy meets a site’s high-level security goals can be difficult, due to the low-level nature of the policy language and the size and complexity of SELinux policies. We propose a logic-programming-b...
متن کاملModeling Security - Enhanced Linux Policy Speci cations for Analysis Myla Archer
Security-Enhanced (SE) Linux is a modiication of Linux initially released by NSA in January 2001 that provides a language for specifying Linux security policies and, as in the Flask architecture, a security server for enforcing policies deened in the language. To determine whether user requests to the operating system should be granted, the security server refers to an internal form of the poli...
متن کاملModeling Security - Enhanced Linux Policy Speci cations for Analysis
Security-Enhanced (SE) Linux is a modi cation of Linux initially released by NSA in January 2001 that provides a language for specifying Linux security policies and, as in the Flask architecture, a security server for enforcing policies de ned in the language. To determine whether user requests to the operating system should be granted, the security server refers to an internal form of the poli...
متن کاملModeling Security-Enhanced Linux Policy Specifications for Analysis
Security-Enhanced (SE) Linux is a modi cation of Linux initially released by NSA in January 2001 that provides a language for specifying Linux security policies and, as in the Flask architecture, a security server for enforcing policies de ned in the language. To determine whether user requests to the operating system should be granted, the security server refers to an internal form of the poli...
متن کاملAnalyzing Security - Enhanced Linux Policy Speci cations
NSA's Security-Enhanced (SE) Linux enhances Linux by providing a speci cation language for security policies and a Flask-like architecture with a security server for enforcing policies de ned in the language. It is natural for users to expect to be able to analyze the properties of a policy from its speci cation in the policy language. But this language is very low level, making the high level ...
متن کامل