An introduction to MAC RBAC and LSM

182 views

Published on

An Introduction to MAC, RBAC and LSM to better understanding the theory behind hardening tools such SELinux, GrSecurity and more.

Published in: Software
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
182
On SlideShare
0
From Embeds
0
Number of Embeds
3
Actions
Shares
0
Downloads
6
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

An introduction to MAC RBAC and LSM

  1. 1. Hardening Two June 13, 2016 Francesco Pira (fpira.com) An Introduction to MAC, RBAC and LSM The theory behind hardening tools
  2. 2. Hardening Two June 13, 2016 Francesco Pira (fpira.com) Before we start… • each system has its own security requirements • each system has different overriding security requirements • sometimes you need to combine multiple solutions • showed approaches are build into the system
  3. 3. Hardening Two June 13, 2016 Francesco Pira (fpira.com) Information Main security requirements Confidentiality Availability Integrity
  4. 4. Hardening Two June 13, 2016 Francesco Pira (fpira.com) Keywords • roles • subjects • objects • policy • policy defines behaviour of roles / subjects / objects as higher abstraction of users as abstraction of executables as abstraction of system resources as a set of rules (usually system-wide)
  5. 5. Hardening Two June 13, 2016 Francesco Pira (fpira.com) Available options • DAC, Discretionary Access Control • MAC, Mandatory Access Control • RBAC, Role-Based Access Control * DAC and MAC are mutually exclusive. RBAC can coexist with others.
  6. 6. Hardening Two June 13, 2016 Francesco Pira (fpira.com) Discretionary Access Control • focuses on availability • user in control • user can forward privileges • user can revoke permissions • can’t be used in hardening tools!
  7. 7. Hardening Two June 13, 2016 Francesco Pira (fpira.com) Mandatory Access Control • focuses on confidentiality • acts system-wide • by design: 1 trusted admin, no roles • controls access to objects • subjects can’t change the policy • neither users at lower level can do
  8. 8. Hardening Two June 13, 2016 Francesco Pira (fpira.com) Role-Based Access Control • focuses on integrity • needs authentication • each role access only data who is allowed to (default is deny) • not mandatory by design • can coexist with MAC if the hierarchy is a tree • policy tied to roles, roles tied to users • usually implemented via ACL
  9. 9. Hardening Two June 13, 2016 Francesco Pira (fpira.com) Hooking the kernel: LSM • a framework embedded in the Linux kernel • designed not to degrade system performance • hardening tools via modules • system resources have hooks • hooks -> pointers to module functions (low-level API, kind of) • table of (dummy) functions called security_ops • dummy functions replaced at boot time with (e.g.) SELinux ones
  10. 10. Hardening Two June 13, 2016 Francesco Pira (fpira.com) Hooking the kernel: LSM Resource request Sys call DAC check LSM hook complete request LSM module engine SELinux* kernel space user space * as an example
  11. 11. Hardening Two June 13, 2016 Francesco Pira (fpira.com) LSM hooks • hooks are divided into categories • task hooks • program loading hooks • IPC hooks • filesystem hooks • network hooks • and more…
  12. 12. Hardening Two June 13, 2016 Francesco Pira (fpira.com) Questions? Thank you!

×