Title :
Lothlorien: Mandatory Access Control using Linux Security Modules
Author :
Harsha, K. ; Palavalli, Bharath M. ; Rao, Shrisha ; Ashwin
Author_Institution :
Center for Study of Sci., Technol. & Policy, Bangalore, India
Abstract :
The concept of Mandatory Access Controls (MAC) enforces a security policy on users. Linux Security Modules (LSM) provides for development of such frameworks. Lothlorien is an exploratory framework using LSM and the POSIX 1.e draft specifications´1 Extended Attributes (EA) to implement MAC on Linux. Lothlorien makes use of system call hooks provided by LSM to place checks on the access to system resources. The entire system is divided logically into different zones where the resources and users of the systems are distributed depending on their security context similar to a real organisation. Along with the already available Discretionary Access Control (DAC) on Linux, Lothlorien intends to achieve TCSEC B1 level of security. A policy will define the rules of access. Separating all the entities of the system allows fine-grained access control.
Keywords :
Linux; authorisation; Linux security modules; Lothlorien; POSIX 1.e draft specifications extended attributes; discretionary access control; mandatory access control; Access control; Cities and towns; Containers; Data security; Data structures; File systems; Information security; Information technology; Linux; Operating systems; LSM; Linux security; access control; mandatory access; security;
Conference_Titel :
Internet Multimedia Services Architecture and Applications (IMSAA), 2009 IEEE International Conference on
Conference_Location :
Bangalore
Print_ISBN :
978-1-4244-4792-3
Electronic_ISBN :
978-1-4244-4793-0
DOI :
10.1109/IMSAA.2009.5439499
