The protection mechanisms of current mainstream operating systems are inadequate to support confidentiality and integrity requirements for end systems. Mandatory Access Control (MAC) is needed to address such requirements, but the limitations of traditional MAC have inhibited its adoption into mainstream operating systems. The National Security Agency (NSA) worked with Secure Computing Corporation (SCC) to develop a flexible MAC architecture called Flask to overcome the limitations of traditional MAC. The NSA has implemented this architecture in the Linux operating system, producing a Security-Enhanced Linux (SELinux) prototype, to make the technology available to a wider community and to enable further research into secure operating systems. This paper describes the security architecture, security mechanisms, application programming interface, security policy configuration, and performance of SELinux.
Did you find this white paper useful?
25 out of 50 users found this white paper useful
Related white papers
Desktop TCO Update 2003
Gartner's total cost of ownership update reinforces that switching operating systems generally results in minor changes to TCO. Enterprises should focus on improving manageability to achieve bigger TCO reductions. ...
White paper: The Future of Software Delivery
This paper provides a brief description of past software delivery issues that have contributed to the current environment; identification of key trends that drive our industry today; and an outline...
Linux - Advanced Networking Overview
Linux, a shareware operating system, supports a number of advanced networking features, thanks largely to the huge linux networking community. Besides the reliable TCP/UDP/IP protocol suite, a number of new...
Preparing Your Linux Box for the Internet - Armoring Linux
Organizations throughout the world are adopting Linux as their production platform. By connecting to the Internet to provide critical services, they also become targets of opportunity. To help protect these...
3-D Look at the IBM Software Development Platform for Linux
This webcast explains how the IBM Software Development Platform supports development teams in a Linux environment. This event covers the 3-D aspect of the IBM SDP for Linux: Discovery, Development...
Making Cents of the Open-Source Movement
In open source development, code is freely available, so those who know how to modify and extend code are able to fix bugs and add features without having to depend...
Intel Tools for Thread-Oriented Development on Linux
During the early years of Linux, when it was gaining traction through the work of evangelists, the operating system did not offer significant functionality in support of threading. In part,...
