Title :
Toward a real MLS/SELinux system for end users: An empirical study
Author :
Blanc, Mathieu ; Clemente, Patrice ; Kissi, Steve-William
Author_Institution :
CEA, DAM, Arpajon
Abstract :
Multi-Level Security (MLS) has been widely used in order to implement confidentiality policies inside organizations, especially into military ones. More recently, some works have been done about the use of MLS inside Security Enhanced Linux (SELinux) operating systems. The main motivation is to have MLS open source system without rewriting applications to work under such OS. Although the MLS mechanisms have been implemented at the operating system level, that doesn´t imply that the system is usable, from an end-user point-of-view. In this paper, we survey the state of the art and technology about the support of MLS under SELinux operating systems. Keeping in mind the main objectives of MLS (i.e., preventing information flows between users), we will deeply experiment OS level mechanisms for MLS control and applications compatibility with such controls. We will discuss remaining issues and future directions to explore.
Keywords :
Linux; public domain software; security of data; MLS open source system; SELinux operating systems; confidentiality policies; end users; multilevel security; security enhanced Linux; Application software; Contracts; Data security; Information security; Information systems; Linux; Military computing; Multilevel systems; Operating systems; Protection; Bell - La Padula; Confidentiality; Multi-Level Security; SELinux;
Conference_Titel :
Collaborative Technologies and Systems, 2009. CTS '09. International Symposium on
Conference_Location :
Baltimore, MD
Print_ISBN :
978-1-4244-4584-4
Electronic_ISBN :
978-1-4244-4586-8
DOI :
10.1109/CTS.2009.5067483
