Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Flexible Mandatory Access Control (MAC) in Modern Operating Systems Jeffrey H. Jewell CS 591 December 7, 2009 Jeffrey H. Jewell CS 591 December 7, 2009.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "1 Flexible Mandatory Access Control (MAC) in Modern Operating Systems Jeffrey H. Jewell CS 591 December 7, 2009 Jeffrey H. Jewell CS 591 December 7, 2009."— Presentation transcript:

1 1 Flexible Mandatory Access Control (MAC) in Modern Operating Systems Jeffrey H. Jewell CS 591 December 7, 2009 Jeffrey H. Jewell CS 591 December 7, 2009

2 2 Introduction Background MAC Architecture Linux implementation Fedora Examples Conclusion Background MAC Architecture Linux implementation Fedora Examples Conclusion

3 3 OS Controls Discretionary Access Control (DAC) Most commonly used mechanism today Definition - a means of restricting access to objects based on the identity of subjects and/or groups to which they belong. Disadvantages Too much power to users. Good security practice hard to enforce Discretionary Access Control (DAC) Most commonly used mechanism today Definition - a means of restricting access to objects based on the identity of subjects and/or groups to which they belong. Disadvantages Too much power to users. Good security practice hard to enforce

4 4 Alternative approach - MAC Definition - a type of access control by which the operating system constrains the ability of a subject or initiator to access or generally perform some sort of operation on an object or target.access control operating system Policy controlled by a security administrator MAC issues tightly coupled to the DOD multi-level security (MLS) policy Access decisions in MLS are based on clearances for subjects and classifications for objects. Considers only confidentiality and not integrity. Definition - a type of access control by which the operating system constrains the ability of a subject or initiator to access or generally perform some sort of operation on an object or target.access control operating system Policy controlled by a security administrator MAC issues tightly coupled to the DOD multi-level security (MLS) policy Access decisions in MLS are based on clearances for subjects and classifications for objects. Considers only confidentiality and not integrity.

5 5 Flask Architecture

6 6 Security Enhanced Linux Linux OS refactored to incorporate Flask architecture. Selected due to its growing success Open source development environment Better feedback due to more users of Linux. Policy implementation Based on domain-type model. Policy built using Reference Policy language. Platforms Red Hat, Fedora, Ubuntu, Debian (Linux) Solaris, FreeBSD (Unix) Linux OS refactored to incorporate Flask architecture. Selected due to its growing success Open source development environment Better feedback due to more users of Linux. Policy implementation Based on domain-type model. Policy built using Reference Policy language. Platforms Red Hat, Fedora, Ubuntu, Debian (Linux) Solaris, FreeBSD (Unix)

7 7 Reference Policy AdminAppsKernelRolesServicesSystem Apache.teApache.fcApache.if Makefile => policy.VER Makefile => apache.pp Fedora Production Release Targeted (default) MLS Config files – file contexts Tresys link - http://oss.tresys.com/projects

8 8 FEDORA EXAMPLES

9 9 Unconfined domain Security context:

10 10 Confined domains Type distinction between processes and objects

11 11 Policy Enforcement Temp mod to file context Policy Enforcement Loaded file context

12 12 Conclusion SELinux Reference Policy allows customizable fine- grained control of all processes and objects in the computer system. Manipulation of policy in Fedora release still cumbersome. Need familiarization with Reference Policy. Limited source code although you can create module executables via the built-in GUI tools. On-line help still immature. SELinux Reference Policy allows customizable fine- grained control of all processes and objects in the computer system. Manipulation of policy in Fedora release still cumbersome. Need familiarization with Reference Policy. Limited source code although you can create module executables via the built-in GUI tools. On-line help still immature.

13 13 References Red Hat documentation (2009). SELinux Architectural Overview. Retrieved Nov. 5, 2009 from http://www.redhat.com/docs/manuals/enterprise/RHEL- 4-Manual/selinux-guide/selg-chapter-0013.html#SELG-SECT1-0014 P. Loscocco, Smalley S. Muckelbauer, P, Taylor, R, Turner S., and Farrell, J. The Inevitability of Failure: The Flawed Assumption of Security in Modern Computing Environment. Proceedings of the 21st National Information Systems Security Conference, pages 303-314, October 1998.21st National Information Systems Security Conference P. Loscocco and Smalley S. Integrating Flexible Support for Security Policies into the Linux Operating System. Proceedings of the FREENIX Track: 2001 USENIX Annual Technical Conference (FREENIX '01), June 2001 P. Loscocco and Smalley S. Meeting Critical Security Objectives with Security-Enhanced Linux. Proceedings of the 2001 Ottawa Linux Symposium J. PeBenito, F. Mayer, and K. MacMillan Reference Policy for Security Enhanced Linux. 2006 Security Enhanced Linux Symposium Red Hat documentation (2009). SELinux Architectural Overview. Retrieved Nov. 5, 2009 from http://www.redhat.com/docs/manuals/enterprise/RHEL- 4-Manual/selinux-guide/selg-chapter-0013.html#SELG-SECT1-0014 P. Loscocco, Smalley S. Muckelbauer, P, Taylor, R, Turner S., and Farrell, J. The Inevitability of Failure: The Flawed Assumption of Security in Modern Computing Environment. Proceedings of the 21st National Information Systems Security Conference, pages 303-314, October 1998.21st National Information Systems Security Conference P. Loscocco and Smalley S. Integrating Flexible Support for Security Policies into the Linux Operating System. Proceedings of the FREENIX Track: 2001 USENIX Annual Technical Conference (FREENIX '01), June 2001 P. Loscocco and Smalley S. Meeting Critical Security Objectives with Security-Enhanced Linux. Proceedings of the 2001 Ottawa Linux Symposium J. PeBenito, F. Mayer, and K. MacMillan Reference Policy for Security Enhanced Linux. 2006 Security Enhanced Linux Symposium

14 14 References (Cont’d) Wikipedia (2009). Manadatory Acce Control Retrieved Nov 10, 2009 from http://en.wikipedia.org/wiki/Mandatory_Access_Control Wikipedia (2009). Manadatory Acce Control Retrieved Nov 10, 2009 from http://en.wikipedia.org/wiki/Mandatory_Access_Control Widipedia (2009). Discretionary Access Control. Retrieved Nov 10, 2009 from http://en.wikipedia.org/wiki/Discretionary_access_control Widipedia (2009). Discretionary Access Control. Retrieved Nov 10, 2009 from http://en.wikipedia.org/wiki/Discretionary_access_contro Tresys Open Source Software (2009). SELinux Reference Policy. Retrieved Nov 10, 2009 from http://oss.tresys.com/projects/refpolicy Tresys Open Source Software (2009). http://oss.tresys.com/projects/refpolicy (2009). Writing SE Linux policy HOWTO. Retrieved Nov 15, 2009 from http://www.lurking-grue.org/writingselinuxpolicyHOWTO.html http://www.lurking-grue.org/writingselinuxpolicyHOWTO.html Fedora Project (2009). Fedora 11 SELinux user’s guide. Retrieved Nov 15, 2009 from http://docs.fedoraproject.org/selinux-user-guide/f11/pdf/Security- Enhanced_Linux.pdf Wikipedia (2009). Fedora operating system. Retrieved Nov 10, 2009 from http://en.wikipedia.org/wiki/Fedora_(operating_system) Wikipedia (2009). Fedora operating system. Retrieved Nov 10, 2009 from http://en.wikipedia.org/wiki/Fedora_(operating_system) C. Hanson. SELinux and MLS: Putting the pieces together. Proceeding from the 2006 SELinux Symposium. C. Hanson. SELinux and MLS: Putting the pieces together. Wikipedia (2009). Manadatory Acce Control Retrieved Nov 10, 2009 from http://en.wikipedia.org/wiki/Mandatory_Access_Control Wikipedia (2009). Manadatory Acce Control Retrieved Nov 10, 2009 from http://en.wikipedia.org/wiki/Mandatory_Access_Control Widipedia (2009). Discretionary Access Control. Retrieved Nov 10, 2009 from http://en.wikipedia.org/wiki/Discretionary_access_control Widipedia (2009). Discretionary Access Control. Retrieved Nov 10, 2009 from http://en.wikipedia.org/wiki/Discretionary_access_contro Tresys Open Source Software (2009). SELinux Reference Policy. Retrieved Nov 10, 2009 from http://oss.tresys.com/projects/refpolicy Tresys Open Source Software (2009). http://oss.tresys.com/projects/refpolicy (2009). Writing SE Linux policy HOWTO. Retrieved Nov 15, 2009 from http://www.lurking-grue.org/writingselinuxpolicyHOWTO.html http://www.lurking-grue.org/writingselinuxpolicyHOWTO.html Fedora Project (2009). Fedora 11 SELinux user’s guide. Retrieved Nov 15, 2009 from http://docs.fedoraproject.org/selinux-user-guide/f11/pdf/Security- Enhanced_Linux.pdf Wikipedia (2009). Fedora operating system. Retrieved Nov 10, 2009 from http://en.wikipedia.org/wiki/Fedora_(operating_system) Wikipedia (2009). Fedora operating system. Retrieved Nov 10, 2009 from http://en.wikipedia.org/wiki/Fedora_(operating_system) C. Hanson. SELinux and MLS: Putting the pieces together. Proceeding from the 2006 SELinux Symposium. C. Hanson. SELinux and MLS: Putting the pieces together.

Download ppt "1 Flexible Mandatory Access Control (MAC) in Modern Operating Systems Jeffrey H. Jewell CS 591 December 7, 2009 Jeffrey H. Jewell CS 591 December 7, 2009."

Similar presentations

1 cs691 chow C. Edward Chow Confidentiality Policy CS691 – Chapter 5 of Matt Bishop.

1 cs691 chow C. Edward Chow Confidentiality Policy CS691 – Chapter 5 of Matt Bishop.
JENNIS SHRESTHA CSC 345 April 22, 2014. Contents Introduction History Flux Advanced Security Kernel Mandatory Access Control Policies MAC Vs DAC Features.

JENNIS SHRESTHA CSC 345 April 22, Contents Introduction History Flux Advanced Security Kernel Mandatory Access Control Policies MAC Vs DAC Features.
Trusted Ring: A Security Enhancing Software Architecture Michael DiRossi, Inventor The Johns Hopkins University Applied Physics Laboratory.

Trusted Ring: A Security Enhancing Software Architecture Michael DiRossi, Inventor The Johns Hopkins University Applied Physics Laboratory.
Access Control Chapter 3 Part 3 Pages 209 to 227.

Access Control Chapter 3 Part 3 Pages 209 to 227.
Lecture 19 Page 1 CS 111 Online Protecting Operating Systems Resources How do we use these various tools to protect actual OS resources? Memory? Files?

Lecture 19 Page 1 CS 111 Online Protecting Operating Systems Resources How do we use these various tools to protect actual OS resources? Memory? Files?
Access Control Patterns Fatemeh Imani Mehr Amirkabir university of technology, Department of Computer Engineering & Information Technology.

Access Control Patterns Fatemeh Imani Mehr Amirkabir university of technology, Department of Computer Engineering & Information Technology.
Attribute-Based Access Control Models and Beyond

Attribute-Based Access Control Models and Beyond
Access Control Intro, DAC and MAC System Security.

Access Control Intro, DAC and MAC System Security.
1 UCR Access Control/Capabilities Some slides/ideas adapted from Ninghui Li.

1 UCR Access Control/Capabilities Some slides/ideas adapted from Ninghui Li.
By: Arpit Pandey SELINUX (SECURITY-ENHANCED LINUX)

By: Arpit Pandey SELINUX (SECURITY-ENHANCED LINUX)
Chapter 9 Building a Secure Operating System for Linux.

Chapter 9 Building a Secure Operating System for Linux.
Security-Enhanced Linux Joseph A LaConte CS 522 December 8, 2004.

Security-Enhanced Linux Joseph A LaConte CS 522 December 8, 2004.
Shane Jahnke CS591 December 7, 2009.  What is SELinux?  Changing SELinux Policies  What is SLIDE?  Reference Policy  SLIDE  Installation and Configuration.

Shane Jahnke CS591 December 7,  What is SELinux?  Changing SELinux Policies  What is SLIDE?  Reference Policy  SLIDE  Installation and Configuration.
Lecture 7 Access Control

Lecture 7 Access Control
Lecture slides prepared for “Computer Security: Principles and Practice”, 2/e, by William Stallings and Lawrie Brown, Chapter 4 “Overview”.

Lecture slides prepared for “Computer Security: Principles and Practice”, 2/e, by William Stallings and Lawrie Brown, Chapter 4 “Overview”.
SELinux. 2SELinux Wikipedia says: Security-Enhanced Linux (SELinux) is an implementation of mandatory access control using Linux Security Modules (LSM)

SELinux. 2SELinux Wikipedia says: Security-Enhanced Linux (SELinux) is an implementation of mandatory access control using Linux Security Modules (LSM)
ADVANCED LINUX SECURITY. Abstract : Using mandatory access control greatly increases the security of an operating system. SELinux, which is an implementation.

ADVANCED LINUX SECURITY. Abstract : Using mandatory access control greatly increases the security of an operating system. SELinux, which is an implementation.
Security-Enhanced Linux & Linux Security Module The George Washington University CS297 Programming Language & Security YU-HAO HU.

Security-Enhanced Linux & Linux Security Module The George Washington University CS297 Programming Language & Security YU-HAO HU.
Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010 Baselines Chapter 14.

Principles of Computer Security: CompTIA Security + ® and Beyond, Second Edition © 2010 Baselines Chapter 14.
Usable Mandatory Integrity Protection for Operating Systems Authors: Ninghui Li, Ziqing Mao and Hong Chen “IEEE Symposium on Security and Privacy(SP’07)”

Usable Mandatory Integrity Protection for Operating Systems Authors: Ninghui Li, Ziqing Mao and Hong Chen “IEEE Symposium on Security and Privacy(SP’07)”

Similar presentations

Ads by Google