This paper will introduce the NSA's research project termed "Security-enhanced" Linux. It has been recognized that securing applications is only half of the battle: a computer system must also employ security policies at the OS level, and the current model of user vs. administrator that we find in standard Unix is insufficient. Security-enhanced Linux, or "SELinux", is defined as "enforc[ing] mandatory access control policies that confine user programs and system servers to the minimum amount of privilege they require to do their jobs". SELinux is neither a tool for encryption nor a full distribution of Linux; instead, it is a modification of the kernel to include a "security server". This internal security server is responsible for implementing a configurable security policy to the way processes and users are allocated system resources and permissions. SELinux derives its architecture from a previous project called the "Flask" operating system.
Read Entire Paper
E-Mail Link
Your IP address will be sent with this e-mail
