Demystifying Security Enhanced Linux

By Abhishek Singh, CISSP
Friday, 23 December 2005 09:40 EST

In this paper I will try to explain the philosophy behind the Security Enhanced Linux (SE Linux). I will however try to explain the concept with an example but to keep the length readable I will restrain myself to go into much of implementation details for e.g. commands and similar stuff.

This flavor of linux has strong Mandatory Access control Built into the kernel where by the process and objects such as files are classified based on the confidentiality and integrity requirement, hence the affect of a security breach is reduced to minimal.

It is to be noted that this doesnot mean that SE Linux was designed to correct flaws which are present in the Linux rather it’s an attempt to use MAC (in contrast to DAC used by traditional Linux Systems) to make a system which will mitigate the affects of security policy breaches to a minimum, by the help of policies which specify the security requirements of a system.

Read the full paper in PDF format

Sponsors:
Is your network open to attack? Find out with the #1 sold network security scanner: GFI LANguard Network Security Scanner! Download your FREE trial version today.	Check your website security with a FREE website security audit by Acunetix. Audit your web applications for SQL injection, cross site scripting & more with Acunetix Web Vulnerability Scanner	Software security section is sponsored by GFI, a leading developer ofnetwork security, content security and messaging software - Free trial!


Copyright © IT-Observer.com 2000 - 2006	Privacy Policy \| RSS Feeds