Security-Enhanced Linux Joseph A LaConte CS 522 December 8, 2004.

Slides:

Advertisements

Similar presentations

JENNIS SHRESTHA CSC 345 April 22, Contents Introduction History Flux Advanced Security Kernel Mandatory Access Control Policies MAC Vs DAC Features.

Advertisements

Access Control Chapter 3 Part 3 Pages 209 to 227.

Title of Selected Paper: Design and Implementation of Secure Embedded Systems Based on Trustzone Authors: Yan-ling Xu, Wei Pan, Xin-guo Zhang Presented.

Access Control Patterns Fatemeh Imani Mehr Amirkabir university of technology, Department of Computer Engineering & Information Technology.

Access Control Intro, DAC and MAC System Security.

1 UCR Access Control/Capabilities Some slides/ideas adapted from Ninghui Li.

By: Arpit Pandey SELINUX (SECURITY-ENHANCED LINUX)

Secure Systems Research Group - FAU Patterns for access control E.B. Fernandez.

1 Flexible Mandatory Access Control (MAC) in Modern Operating Systems Jeffrey H. Jewell CS 591 December 7, 2009 Jeffrey H. Jewell CS 591 December 7, 2009.

Chapter 9 Building a Secure Operating System for Linux.

SIS: Secure Information Sharing for Windows Systems Osama Khaleel CS526 Semester Project.

SELinux (Security Enhanced Linux) By: Corey McClurg.

Shane Jahnke CS591 December 7,  What is SELinux?  Changing SELinux Policies  What is SLIDE?  Reference Policy  SLIDE  Installation and Configuration.

Computer Security: Principles and Practice EECS710: Information Security Professor Hossein Saiedian Fall 2014 Chapter 4: Access Control.

User Domain Policies.

2  A system can protect itself in two ways: It can limit who can access the system. This requires the system to implement a two-step process of identification.

Lecture slides prepared for “Computer Security: Principles and Practice”, 2/e, by William Stallings and Lawrie Brown, Chapter 4 “Overview”.

SELinux. 2SELinux Wikipedia says: Security-Enhanced Linux (SELinux) is an implementation of mandatory access control using Linux Security Modules (LSM)

Linux Security.

ADVANCED LINUX SECURITY. Abstract : Using mandatory access control greatly increases the security of an operating system. SELinux, which is an implementation.

Implementing SELinux as a Linux Security Module By Stephen Smalley Chris Vance & Wayne Salamon Presentation by: KASHIF HASAN

Security-Enhanced Linux & Linux Security Module The George Washington University CS297 Programming Language & Security YU-HAO HU.

WP6: Grid Authorization Service Review meeting in Berlin, March 8 th 2004 Marcin Adamski Michał Chmielewski Sergiusz Fonrobert Jarek Nabrzyski Tomasz Nowocień.

Secure Operating Systems

SELinux US/Fedora/13/html/Security-Enhanced_Linux/

1 A pattern language for security models Eduardo B. Fernandez and Rouyi Pan Presented by Liping Cai 03/15/2006.

Security Enhanced Linux David Quigley. History SELinux Timeline 1985:LOCK (early Type Enforcement) 1990: DTMach / DTOS 1995: Utah Fluke / Flask 1999:

Security-Enhanced Linux. References  Implementation of Security-Enhanced Linux by Yue Cui, Xiang Sha, Li Song  Security Enhanced Linux by David Quigley.

Information Assurance Research Group 1 NSA Security-Enhanced Linux (SELinux) Grant M. Wagner Information Assurance.

FOSS Security through SELinux (Security Enhanced Linux) M.B.G. Suranga De Silva Information Security Specialist TECHCERT c/o Department of Computer Science.

1 Implementation of Security-Enhanced Linux Yue Cui Xiang Sha Li Song CMSC 691X Project 2—Summer 02.

Exploiting Data Parallelism in SELinux Using a Multicore Processor Bodhisatta Barman Roy National University of Singapore, Singapore Arun Kalyanasundaram,

CSCE 201 Introduction to Information Security Fall 2010 Access Control.

1 Grand Challenges in Authorization Systems Prof. Ravi Sandhu Executive Director and Endowed Chair November 14, 2011

SELinux - What the hell does that mean? disoray thelug : DC214

Protection Models Yeong-Tay Timothy Sun September 27, Dennis Kafura – CS5204 – Operating Systems.

Chapter 7 Securing Commercial Operating Systems. Chapter Overview Retrofitting Security into a Commercial OS History of Retrofitting Commercial OS's Commercial.

SELinux. The need for secure OS Increasing risk to valuable information Dependence on OS protection mechanisms Inadequacy of mainstream operating systems.

Access Controls Henry Parks SSAC 2012 Presentation Outline Purpose of Access Controls Access Control Models –Mandatory –Nondiscretionary/Discretionary.

CSCE 201 Introduction to Information Security Fall 2010 Access Control Models.

The SELinux of First Look. Prologue After many discussions with a lot of Linux users, I’ve come to realize that most of them seem to disable SELinux rather.

Privilege Management Chapter 22.

Security-Enhanced Linux Eric Harney CPSC 481. What is SELinux? ● Developed by NSA – Released in 2000 ● Adds additional security capabilities to Linux.

Computer Security: Principles and Practice

5/7/2007CoreMcClug/SELinux 1 By: Corey McClurg. Outline A History of SELinux What is SELinux and how do I get it? Getting Started Mandatory Access Control.

Lecture 3 Page 1 CS 236 Online Prolog to Lecture 3 CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.

Security-Enhanced Linux Stephanie Stelling Center for Information Security Department of Computer Science University of Tulsa, Tulsa, OK

Access Controls Mandatory Access Control by Sean Dalton December 5 th 2008.

PREPARED BY: MS. ANGELA R.ICO & MS. AILEEN E. QUITNO (MSE-COE) COURSE TITLE: OPERATING SYSTEM PROF. GISELA MAY A. ALBANO PREPARED BY: MS. ANGELA R.ICO.

Chapter 4 Access Control. Access Control Principles RFC 4949 defines computer security as: “Measures that implement and assure security services in a.

This courseware is copyrighted © 2016 gtslearning. No part of this courseware or any training material supplied by gtslearning International Limited to.

22 feb What is Access Control? Access control is the heart of security Definitions: * The ability to allow only authorized users, programs or.

MLS/MCS on SE Linux Russell Coker. What is SE Linux? A system for Mandatory Access Control (MAC) based on the Linux Security Modules (LSM) framework Uses.

SELinux Overview Dan Walsh SELinux for Dummies Dan Walsh

Red Hat Enterprise Linux 5 Security April Red Hat Development Model Collaboration with partners and open source contributors to develop technology.

1 Role-Based Access Control (RBAC) Prof. Ravi Sandhu Executive Director and Endowed Chair January 29, © Ravi.

SE Linux Implementation Russell Coker. What is SE Linux? A system for Mandatory Access Control (MAC) based on the Linux Security Modules (LSM) framework.

Presented By: Smriti Bhatt

Access Control Model SAM-5.

Access Control CSE 465 – Information Assurance Fall 2017 Adam Doupé

SE Linux Implementation

SELinux RHEL5: A benchmark

SELinux (Security Enhanced Linux)

An Overview Rick Anderson Pat Demko

NSA Security-Enhanced Linux (SELinux)

Access Control Evolution and Prospects

Mandatory Access Control and the Real World

DOMAIN TYPE ENFORCEMENT

Access Control Evolution and Prospects

Presentation transcript:

Security-Enhanced Linux Joseph A LaConte CS 522 December 8, 2004

Joseph A. LaConte2 Overview Background –Overview and Goals –Previous Projects –Why Linux SELinux –Overview –MAC versus DAC –Security Policy Implementations Type Enforcement Role-Based Access Control Policies Limitations

December 8, 2004Joseph A. LaConte3 Background Security-Enhanced Linux is a NSA (National Security Agency) backed research project. Goals: –Promote Security Research –Address Operating System Security –Demonstrate MAC (Mandatory Access Controls) through Type Enforcement® technology in a mainstream operating system Note: SELinux project is not intended as a complete security solution for Linux

December 8, 2004Joseph A. LaConte4 Background In Conjunction with Secure Computing Corporation (SCC) Previous projects: LOCK system – Secure Ada project through Honeywell DTMach – Mach-based prototype DTOS (Distributed Trusted Operating System) Fluke* - University of Utah's research operating system Flask architecture* * - Fluke was a pre-existing operating system used by the Flux Research group at Utah. During the integration/transfer of technology into the system, enhanced dynamic security policies were produced. The resulting architecture is named Flask.

December 8, 2004Joseph A. LaConte5 Background Why choose Linux? As hinted in the goals, Linux is an open source project with many developers; therefore: Provides an opportunity for more research. Allows application/testing in a mainstream operating system. Improves security in an existing operating system.

December 8, 2004Joseph A. LaConte6 SELinux Security-Enhanced Linux (SELinux) –Uses the Linux Security Modules (LSM) framework to implement flexible Mandatory Access Control (MAC) in the Linux kernal. –Restricts privileges of user programs and system servers using security labels and an administratively- defined policy.

December 8, 2004Joseph A. LaConte7 SELinux MAC versus DAC Discretionary Access Control (DAC) is the standard security model for Linux. In this model, access privileges are based on the user identity and object ownership. Mandatory Access Control (MAC) limits privileges for subjects (processes) and objects (file, socket, device, etc). Please note: SELinux does not change any existing security in the Linux environment; rather, SELinux extends the security model to include Mandatory Access Control (i.e. both MAC and DAC are enforced in the SELinux environment).

December 8, 2004Joseph A. LaConte8 SELinux Security Policies are implemented using: –Type Enforcement ® (TE) –Role-based access control (RBAC)

December 8, 2004Joseph A. LaConte9 Type Enforcement (introduced in 1985 by Boebert and Kain) Traditional TE model uses a domain attribute for each process and a type attribute for each object. User operation is limited to certain domains. In SELinux, a single attribute is used for both subject and object (“A domain is simply a type that can be associated with a process“). Security classes can distinguish objects of the same type. Uses the RBAC model instead of associating users with domains. An access matrix defines the privileges of each type for a given domain.

December 8, 2004Joseph A. LaConte10 Role-Based Access Control Each user gets a set of roles Each role is assigned a set of TE domains. Note: users are not identified by Linux uids; instead a user identity attribute is used in the security context.

December 8, 2004Joseph A. LaConte11 Policies Configuration consists of : Flask definitions TE and RBAC declarations and rules User declarations Constraint definitions Security context specifications.

December 8, 2004Joseph A. LaConte12 Policies TE Statements –Attribute Declarations –Type Declarations –TE Transition Rules –TE Change Rules –TE Access Vector Rules –TE Access Vector Assertions –Type Member Rules RBAC Statements –Role Declarations and Dominance –Role Allow Rules –Role Transition Rules

December 8, 2004Joseph A. LaConte13 Policies Syntax for TE and RBAC declarations* Syntax for type declarations* * Smally, Stephen January 2003.

December 8, 2004Joseph A. LaConte14 Policies Bleher, Thomas November 30, 2004

December 8, 2004Joseph A. LaConte15 Limitations Performance Overhead – calculated at approximately 7%. Complexity – requires in-depth knowledge of the operating system, the security policies, and the operating environment. Maintenance – policy fine-tuning, changes required for changes to the system.

December 8, 2004Joseph A. LaConte16 References National Security Agency. Security Enhanced Linux, December 8, Thompson, Kerry. The UnOfficial SELinux FAQ, June 15, Wade, Karsten. Fedora Core 3 SELinux FAQ, November 9, fc3/index.html Smally, Stephen. Configuring the SELinux Policy, February 2002, revised January NAI Labs. Secure Computing Corporation. The Origin of Sidewinder® G2 Firewall, December 8,

December 8, 2004Joseph A. LaConte17 References OSDGroup LLC. Module 13 – SELinux Overview, December 8, apters/se_linux_sample_chapter.pdf SourceFORGE.net. SELinux Background, December 8, Hallyn, Serge Edward. Domain and Type Enforcement in Linux. The College of William and Mary in Virginia. Bleher, Thomas. Source file: domains/program/apache.te (patch), November 30, 2004.