A Role Based Access Control Solution for Linux Network
نویسندگان
چکیده
Linux networks are widely used nowadays in computers laboratories or clusters as convenient solutions for optimal hardware and software exploitation by the organizations. One of the challenges in managing these networks is the control of users who have different level of expertise and various roles in the organization. This heterogeneity of organization personnel requires a mechanism to control “who accesses what” network node or software application. This article proposes an access control solution for a Linux network built on the Role Based Access Control model which uses well known Linux tools and services: sudo, PAM, LDAP.
منابع مشابه
Model-Based Tool-Assistance for Packet-Filter Design
The design of suitable packet-filters protecting subnets against network-based attacks is usually difficult and error-prone. Therefore, toolassistance shall facilitate the design task and shall contribute to the correctness of the filters, i.e., the filters should be consistent with the other security mechanisms of the computer network, in particular with its access control schemes. Moreover, t...
متن کاملLeveraging IPSec for Mandatory Access Control of Linux Network Communications
We present an implementation of mandatory access control for Linux network communications that restricts socket access to labelled IPSec security associations. The Linux Security Modules (LSM) framework defines a reference monitor interface that enables security modules (e.g., SELinux) to enforce comprehensive mandatory access control (MAC) for Linux version 2.6. The current LSM control over ne...
متن کاملEnforcing RBAC Policies over Data Stored on Untrusted Server (Extended Version)
One of the security issues in data outsourcing is the enforcement of the data owner’s access control policies. This includes some challenges. The first challenge is preserving confidentiality of data and policies. One of the existing solutions is encrypting data before outsourcing which brings new challenges; namely, the number of keys required to access authorized resources, efficient policy u...
متن کاملFT-FW: A cluster-based fault-tolerant architecture for stateful firewalls
Nowadays, stateful firewalls are part of the critical infrastructure of the Internet. Basically, they help to protect network services and users against attackers by means of access control and protocol conformance checkings. However, stateful firewalls are problematic from the fault-tolerance perspective since they introduce a single point of failure in the network schema. In this work, we sum...
متن کاملMeeting Critical Security Objectives with Security-Enhanced Linux
Security-enhanced Linux incorporates a strong, flex ible mandatory access control architecture into Linux. It provides a mechanism to enforce the sep aration of information based on confidentiality and integrity requirements. This allows threats of tam pering and bypassing of application security mech anisms to be addressed and enables the confine ment of damage that can be caused by malic...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2014