Kernel Security for 2.8



   Linux Kernel Summit
       Ottawa 2004

   James Morris, Red Hat
Current Status
Several security features in 2.6:

●   LSM
●   Crypto API (software)
●   Cryptoloop
●   dm-crypt
●   IPSec
...
Potential Future Directions (2.7+)
●   SELinux:
    ●  MLS (multilevel security)
    ●  Labeled networking
    ●  Integrat...
Upcoming SlideShare
Loading in...5
×

Kernel Security for 2.8 - Kernel Summit 2004

936
-1

Published on

"Kernel Security for 2.8", presentation given at the Linux Kernel Summit in Ottawa in 2004.

Note that this was when we were still expecting to have versions 2.7/2.8.

Published in: Technology, News & Politics
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
936
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
13
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Kernel Security for 2.8 - Kernel Summit 2004

  1. 1. Kernel Security for 2.8 Linux Kernel Summit Ottawa 2004 James Morris, Red Hat
  2. 2. Current Status Several security features in 2.6: ● LSM ● Crypto API (software) ● Cryptoloop ● dm-crypt ● IPSec ● SELinux (MAC, RBAC) ● NX ● Audit Framework ● Syscall Auditing Discussion?
  3. 3. Potential Future Directions (2.7+) ● SELinux: ● MLS (multilevel security) ● Labeled networking ● Integration with resource management ● NFSv4 integration ● Virtualization: ● Increased isolation ● Polyinstantiation ● Hardware Crypto API ● Kernel keyring management ● More LSM applications? ● Continued refinement of Netfilter ● Signed modules (2.6?) ● Signed binaries ● Exec-shield (2.6?) ● TPM ● LT ● Better capabilities (Chris Wright) ● Separate out DAC (Chris Wright)
  1. A particular slide catching your eye?

    Clipping is a handy way to collect important slides you want to go back to later.

×