NSA Security-Enhanced Linux (SELinux)
Grant M. Wagner
gmw@tycho.nsa.gov
Information Assurance Research Group
National Security Agency
http://www.nsa.gov/selinux

The Need for Secure OS
• Increasing risk to valuable information
• Wide variety of application space security solutions
• Dependence on OS protection mechanisms
• Inadequacy of mainstream operating systems
  • Discretionary access controls can't do the job
• Key missing feature: Mandatory Access Control (MAC)
  • Administratively-set security policy
  • Control over all processes and objects
  • Decisions based on all security-relevant information

What can MAC offer?
• Strong separation of security domains
  • Separate data based on confidentiality/integrity/purpose
• System, application, and data integrity
  • Protect against unauthorized modifications
  • Prevent ill-formed modifications
• Ability to limit program privileges
  • Safely run code of uncertain trustworthiness
  • Prevent exploit of flaw in program from escalating privilege
  • Limit each program to only what is required for its purpose

What can MAC offer?
• Processing pipeline guarantees
  • Ensure that data is processed as required
  • Split processing into small, minimally trusted stages
  • Encryption, sanitization, virus scanning
• Authorization limits for legitimate users
  • Decompose administrator role
  • Partition users into classes based on position, clearance, etc.

SELinux provides Flexible MAC
• Flexible comprehensive mandatory access controls for Linux implemented as a Linux security module
• Building on 12 years of NSA's OS Security research
• Application of NSA's Flask security architecture
• Cleanly separates policy from enforcement using well-defined policy interfaces
• Allows users to express policies naturally and supports changes
• Comprehensive fine-grained controls over kernel services
• Transparent to applications and users
• Role-Based Access Control, Type Enforcement, optional Multi-Level Security, easily extensible to other models
• Highly configurable (example configuration provided)

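A small model of the policy/enforcement split and Type Enforcement named on this slide, added here as an illustration (it is not code from the presentation or from SELinux itself). The type names, paths and labels are constructed, and the class names `SecurityServer` and `ObjectManager` are assumptions that borrow Flask's terms for the two roles.

```python
import re

# Constructed sample policy written in SELinux "allow" rule syntax.
# The types (httpd_t, shadow_t, ...) are illustrative assumptions.
SAMPLE_POLICY = """
allow httpd_t httpd_content_t:file { read getattr };
allow httpd_t httpd_log_t:file { append };
allow sysadm_t shadow_t:file { read write };
"""
# Constructed file labels (path -> type) for the example.
SAMPLE_LABELS = {"/var/www/index.html": "httpd_content_t",
                 "/var/log/httpd/access_log": "httpd_log_t",
                 "/etc/shadow": "shadow_t"}

RULE = re.compile(r"allow\s+(\w+)\s+(\w+):(\w+)\s*\{([^}]*)\}\s*;")


class SecurityServer:
    """Policy side: parses the rules and answers access queries."""

    def __init__(self, policy_text):
        self.rules = {}
        for src, tgt, cls, perms in RULE.findall(policy_text):
            self.rules.setdefault((src, tgt, cls), set()).update(perms.split())

    def allowed(self, src, tgt, cls):
        # Default deny: no matching rule means an empty permission set.
        return frozenset(self.rules.get((src, tgt, cls), ()))


class ObjectManager:
    """Enforcement side: maps objects to labels and asks the server."""

    def __init__(self, server, labels):
        self.server, self.labels, self.audit = server, labels, []

    def check(self, domain, path, perm):
        tgt = self.labels.get(path, "unlabeled_t")
        ok = perm in self.server.allowed(domain, tgt, "file")
        if not ok:  # simplified denial record, not the kernel's exact format
            self.audit.append(f"denied {{ {perm} }} scontext={domain} "
                              f"tcontext={tgt} tclass=file")
        return ok


if __name__ == "__main__":
    om = ObjectManager(SecurityServer(SAMPLE_POLICY), SAMPLE_LABELS)
    print(om.check("httpd_t", "/var/www/index.html", "read"))  # permitted
    print(om.check("httpd_t", "/etc/shadow", "read"))          # denied
    print(om.audit)
```

Passing a different policy text to `SecurityServer` changes the decisions without any change to `ObjectManager`, which is the separation the slide describes.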
SELinux Security Impact
• Limits damage from virus/trojan horse infection
• Can inhibit virus propagation
• Eliminates most privilege elevation attacks
• Constrains damage from undiscovered exploits
• Servers need not be granted admin privileges
• Reduces need for immediate security patching
• Reduces dependence on all-powerful admin
• Critical services and data can be isolated
• Allows control over user actions

SELinux Research Success
• SELinux developed at NSA as research prototype
• Public release in Dec 2000 w/regular updates since
• Currently included as security module in 2.6 Kernels
• Continues to be excellent platform for security research

SELinux Acceptance
• SELinux was released as a reference implementation
• Direct benefit to Linux
• Other OS groups incorporating technology
• Direct User benefit
• Meeting real security needs
• Growing user/developer community is contributing back
• Open Source can be powerful technology transfer tool

Interest in SELinux
• Corporate
  • Used or being considered for use in products/solutions
  • Wide variety of industries including OEMs, ISPs, Defense, Telecommunications, SCADA systems, PDAs and other consumer electronics
• Linux Distributors accepting technology
  • Red Hat/Debian/Gentoo/Others???
• SELinux deployments
  • Corporate, government, universities

Research Direction
• Further user space integration
• Complete integration into networked environment
  • Integrate with 2.6 IPSEC and NFSv4 implementations
• Security-Enhanced X Windows
• Policy specification and analysis tools
• Policy management service
• Platform for application security mechanisms

Want to learn more?
Available at: http://www.nsa.gov/selinux
Mailing list: Send 'subscribe selinux' to majordomo@tycho.nsa.gov
e-mail: selinux-team@tycho.nsa.gov