| Publisher | Graz University of Technology | ||
|---|---|---|---|
| Format | 247.9KB PDF | Date added | 27 Apr 2006 |
| Topics | TCP - IP, Linux - Open Source, Linux Server OS | ||
| Downloads | 46 | ||
Until the availability of Kernel 2.6 the Linux operating system lacked general support to integrate security mechanisms into the kernel. The Linux Security Module Framework (LSM) was designed to overcome this limitation. Although LSM provides a solid baseline for kernel security, it lacks important features. In this paper two of these limitations are addressed: First a framework-managed module stacking mechanism is proposed that allows multiple security policies to be present in the kernel at the same time. The second aspect this paper deals with is the addition of LSM hooks to the Linux TCP layer. This extension was chosen because it allows the implementation of a State-Based Network Intrusion Detection Mechanism which is outlined at the end of the paper.
Did you find this white paper useful?
24 out of 50 users found this white paper useful
Related white papers
Building Reliable IP Telephony Systems
Reliability is the most critical aspect of a business phone system. IP telephony systems will deliver differing service levels because their architecture is fundamentally different. Ironically, optimal architecture and design...
Cash In Your PBX -- Upgrade with Cisco. Gain significant new savings now
PBX systems and old telephony applications were just not built for today's business needs. They don't scale easily, struggle to support mobility, and are increasingly expensive to maintain. Now you...
IOS Tips and Tricks
There are a number of things you can do with Cisco's IOS to make your life easier. This white paper presents some ways that IOS commands can help streamline your...
Dell-Customized Mobility Solutions
The marketplace is overflowing with a multitude of mobility options for businesses of all types and sizes. From notebooks, netbooks, and handheld computers to WiFi, smartphones, and mobile broadband, there...
Decoupling Congestion Control From TCP for Multi-Hop Wireless Networks: Semi-TCP
TCP performs poorly in multihop wireless networks and even worse if end-to-end connectivity is often broken such as in challenged networks. Lots of research has been carried out but this...
Interactive Guide: Enterprise Mobility
Getting Started With Enterprise Mobility: A Guide to Sybase's Enterprise Mobility Platform. With the broadest portfolio of industry-leading products, an innovative mobility platform that provides a foundation for future growth,...
Webcast & Video: Special Report on MEAP featuring research from Gartner
Complimentary Webcast: Taking a Strategic Approach to Enterprise Mobility. Whether you're just getting started with mobility or have already rolled out multiple applications, taking a strategic approach to mobility is...
