TOMOYO Linux on Android (Taipei, 2009)
TOMOYO Linux on Android (Taipei, 2009) Presentation Transcript

  • 1. TOMOYO LINUX ON ANDROID 2009 at Taipei October 27, 2009 (Toshiharu Harada) (Tetsuo Handa) NTT DATA CORPORATION
  • 2. AGENDA Part 1: Operating System Security Overview Part 2: Demonstration Q and A
  • 3. DO YOU KNOW THIS? 28 Controller of
  • 4. 28 is very powerful Has no intelligence Operated by the controller
  • 5. is an ordinary boy (has no power) He is the owner of the controller of 28
  • 6. CONTROLLER Can be used to control Communicate with wirelessly (bluetooth?)
  • 7. TOTAL SCENARIO 1. loses his important controller 2. is operated by bad guys 3. takes back the controller 4. Goto line 1
  • 8. OH
  • 9. MY GOD!
  • 10. FAULT OF No, not really is just a machine is responsible to keep the control of Like a driver is responsible for a car accident
  • 11. EVER THOUGHT? Your PC/Embedded device are the same as It does not know what is good and what is bad You, as the owner of the PC, have to administer it Separating accounts and using passwords Setting access modes for files and directories
  • 12. UNFORTUNATELY Those things are not sufficient Because 1. Bugs can cause buffer overflows 2. It is possible to take over administrator privilege via buffer overflows 3. Administrator privilege means almighty
  • 13. SO YOU NEED Something to restrict (or limit) the administrator privilege Windows Vista introduced UAC Linux and other mainstream OSes are equipped with better access control mechanisms: SELinux, Smack and TOMOYO Linux
  • 14. The green field is the operating system space A car is a process (program) In a normal OS, a car can go anywhere (can do anything) If your car is stolen, your damage is unlimited
  • 15. WHY “UNLIMITED”? Operating system does not know you Operating system does not understand good operations and bad operations If one gets privilege, he is a God and can do anything (format the drive, stop the service, setting a backdoor ..)
  • 16. Total idea is “limiting” the freedom You have to be careful not to limit the proper usage
  • 17. The ideal state is that the car can go to the places you need, but cannot go anywhere else
  • 18. YOUR ROLE Like , SELinux and TOMOYO Linux can’t know which operation is good and which is bad You have to tell them as a set of conditions, which are called “policy”
  • 19. WHY IS IT DIFFICULT? Because additional access control works deep inside the operating system (in the Linux kernel) The Linux kernel is not a very user-friendly world: inode, file descriptor, lock … Policy is like an assembly language of computer security
  • 20. pathname human inode policy
  • 22. EMBEDDED, TOO? More and more devices are using Linux A rich set of software (TCP/IP, apache, samba …) Vulnerabilities are the same as on server machines Embedded devices store personal information, so security is more important Embedded devices can physically cause harm (remotely destroy/damage your possessions)
  • 23. 3 CHOICES SELinux (fully-featured, most robust and reliable) Smack (simplified version) TOMOYO Linux (since 2.6.30)
  • 24. SELINUX Makes decisions based on the combination of “labels” (security context information) You can see labels by executing “ls -Z”, “ps -Z” ...
  • 25. TOMOYO LINUX Has a feature called “policy learning mode” It gathers information inside the kernel and shows you
  • 26. TOMOYO Linux keeps track of every process execution Each process has its “history” and we call that “domain”
  • 28. TRADEMARKS Linux is a trademark of Linus Torvalds in Japan and other countries TOMOYO is a trademark of NTT DATA CORPORATION in Japan
  • 29. presentations
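
Slides 25 and 26 describe policy learning mode and domains as process execution histories. The toy model below is an added example, not code from the presentation or from TOMOYO Linux; the class name, the Android-style program paths and the data file names are constructed for illustration, and the policy is held as plain tuples rather than in TOMOYO's own policy syntax.

```python
# Added illustration: a toy model, not TOMOYO's kernel code or policy syntax.
from collections import defaultdict

ROOT = "<kernel>"  # TOMOYO domain names start from <kernel>


class ToyTomoyo:
    """Models domains (execution histories) and learning vs. enforcing mode."""

    def __init__(self):
        self.policy = defaultdict(set)  # domain -> {(operation, pathname)}
        self.enforcing = False          # False means learning mode

    @staticmethod
    def exec_domain(parent_domain, program):
        # A domain is the parent's history plus the newly executed pathname.
        return f"{parent_domain} {program}"

    def check(self, domain, operation, pathname):
        rule = (operation, pathname)
        if rule in self.policy[domain]:
            return True
        if not self.enforcing:
            self.policy[domain].add(rule)  # learning: record, then allow
            return True
        return False                       # enforcing: not in policy, deny


def demo():
    mac = ToyTomoyo()
    # Constructed sample: init starts a shell, which runs cat.
    init = mac.exec_domain(ROOT, "/init")
    shell = mac.exec_domain(init, "/system/bin/sh")
    cat_from_shell = mac.exec_domain(shell, "/system/bin/cat")
    # The same binary started directly by init is a different domain.
    cat_from_init = mac.exec_domain(init, "/system/bin/cat")

    # Learning run: observed behaviour becomes policy for that domain only.
    mac.check(cat_from_shell, "read", "/data/notes.txt")
    mac.enforcing = True
    return {
        "domain": cat_from_shell,
        "learned": mac.check(cat_from_shell, "read", "/data/notes.txt"),
        "unlearned_path": mac.check(cat_from_shell, "read", "/data/secret.db"),
        "other_history": mac.check(cat_from_init, "read", "/data/notes.txt"),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

Because the policy is keyed by the whole execution history, the same `cat` binary is allowed to read the file when started from the shell but denied when started directly by init.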