JM
Uploaded byJames Morris
PDF, PPTX445 views

Overview of NSA Security Enhanced Linux - FOSS.IN/2005

This document provides an overview of NSA Security Enhanced Linux (SELinux). SELinux implements mandatory access control (MAC) to provide fine-grained access control and confinement of processes. It uses type enforcement (TE) and role-based access control (RBAC) models to define types for objects and domains for processes. TE rules in the SELinux policy specify which domains can access which object types. SELinux has been merged into the Linux kernel and adopted by several distributions to enhance security for network-facing services. Current development focuses on multi-level security and a reference policy, with future work on tools, policies, and additional applications.

Embed presentation

Download as PDF, PPTX
Overview of NSA Security Enhanced Linux James Morris jmorris@namei.org FOSS.IN/2005 Bangalore, India
What is SELinux? ● Fine­grained Mandatory Access Control (MAC) ● Strongly separated domains ● Provides confinement of: ● malicious code ● flawed code ● user error/intention ● Enforces least privilege ● Protects integrity ● Flexible policy
Discretionary Access Control (DAC)  ● Traditional Unix security model ● DAC is inadequate: – Decisions only based on user identity and ownership – No protection against malicious or flawed software – Each user has complete discretion over own objects – Only two major categories of users: admin and other – Coarse­grained and too much privilege – Unbounded privilege escalation
Mandatory Access Control (MAC) ● “Missing link” of security in general OSs ● Primary features: – Administratively­set security policy – Control over all processes and objects – Decisions based on all security­relevant information
MAC Implementation ● Traditionally inflexible, maps poorly to general case ● More than just Multilevel Security (MLS): – Enforce integrity, least privilege ● Generalized MAC via Type Enforcement (TE) ● Transparent to applications ● Decompose administrator role ● Policy flexibility
SELinux Framework ● Composition of several security models – Role­Based Access Control (RBAC) – Type Enforcement (TE) – Optional Multilevel Security (MLS) ● Separation of mechanism and policy ● Can support further models as required
Type Enforcement (TE) ● Domains for processes, types for objects ● Control access to objects by domains ● Control interactions between domains ● Control entry into domains ● Bind domains to code
Types ● Attributes assigned to objects and domains ● Things of the same type are security­equivalent ● Examples: – httpd_t (apache execution domain) – httpd_log_t (apache log files) – httpd_config_t (apache configuration files) – httpd_sys_content_t (web content)
Type Enforcement Rules ● TE rules defined in policy ● Include object labeling, and access control rules ● Examples: • allow httpd_t httpd_log_t:file  { create ioctl read getattr lock append }; • allow httpd_t httpd_config_t:file { read getattr lock ioctl }; • allow httpd_t httpd_sys_content_t:file { read getattr lock ioctl };
Role Based Access Control (RBAC) ● Roles are attributes assigned to domains, e.g. – sysadm_r – system_r – user_r ● Specifies domains that can be entered by each role ● Specifies roles that are authorized for each user ● Initial domain associated with each user role
Current Status ● Merged into upstream kernel during 2.5 series ● Adopted by several distributions ● Targeted policy for network facing services ● Possibly millions of users ● Basic tools
Current Development ● MLS for production use ● Certifications: LSPP, RBACPP at EAL4+ ● Multi­category Security (MCS) ● Reference policy ● Modular policy
Future Developments & Participation ● Better tools – Policy development and analysis ● High level policy language ● Distributed security management – User management, policy distribution, logging ● Desktop ● Application­level
More Future Developments... ● Networked filesystems ● Hardware security (TPM): – Verified boot – Integrity verification – Remote attestation – Trusted path ● Virtualization ● Cryptographic policy
Resources ● NSA SELinux Pages http://www.nsa.gov/selinux/ ● SELinux for Distributions http://selinux.sourceforge.net/ ● Mailing Lists (see above) ● IRC: irc.freenode.net #selinux ● SELinux Symposium 2006 (Feb/Mar) http://www.selinux­symposium.org/
Acknowledgments ● Much of the source material for these slides was  derived from existing NSA presentations: – http://www.nsa.gov/selinux/info/docs.cfm

More Related Content

PDF
Introduction to Exploitation
byUTD Computer Security Group
 
PPTX
Cryptography and Network security # Lecture 8
byKabul Education University
 
PDF
Network Exploitation
byUTD Computer Security Group
 
PPTX
Computer networks and network security
byUTD Computer Security Group
 
PDF
SELinux Johannesburg Linux User Group (JoziJUg)
byJumping Bean
 
PPTX
Intruders and Intrusion detection in Cryptosystems
byVelanSalis
 
PPTX
Network security
byDonald West Rock
 
PDF
User And Physical Security
byguest648519
 
Introduction to Exploitation
byUTD Computer Security Group
 
Cryptography and Network security # Lecture 8
byKabul Education University
 
Network Exploitation
byUTD Computer Security Group
 
Computer networks and network security
byUTD Computer Security Group
 
SELinux Johannesburg Linux User Group (JoziJUg)
byJumping Bean
 
Intruders and Intrusion detection in Cryptosystems
byVelanSalis
 
Network security
byDonald West Rock
 
User And Physical Security
byguest648519
 

What's hot

PPTX
Metasploit
byParth Sahu
 
PDF
CNIT 50: 1. Network Security Monitoring Rationale
bySam Bowne
 
PDF
Making a SOC Analyst
byPaulAronhalt
 
PDF
CISSP Prep: Ch 6. Identity and Access Management
bySam Bowne
 
PDF
Pki 201 Key Management
byNCC Group
 
PDF
CISSP Prep: Ch 7. Security Assessment and Testing
bySam Bowne
 
PDF
Incident response, Hacker Techniques and Countermeasures
byJose L. Quiñones-Borrero
 
PPTX
UTD Computer Security Group - Cracking the domain
byUTD Computer Security Group
 
PDF
Cryptography101
byNCC Group
 
PDF
Weaponization of IoT
byJose L. Quiñones-Borrero
 
PPTX
Hacking its types and the art of exploitation
byShubhamChoudhary171
 
PDF
Cryto Party at CCU
byJose L. Quiñones-Borrero
 
PDF
BackStabber Special: Supply chain attacks
byKnoldus Inc.
 
PPTX
IWMW 1998: Server Management (3) Controlling access
byIWMW
 
ODP
wanna be h4ck3r !
byEslam El Husseiny
 
PPTX
Encryption
byZeeshan Butt
 
PDF
CNIT 125: Ch 4. Security Engineering (Part 1)
bySam Bowne
 
PDF
Loggin alerting and hunting technology hub 2016
byScot Berner
 
PDF
CNIT 125 6. Identity and Access Management
bySam Bowne
 
PDF
Group Presentation Slide Week13
byYorito Tamura
 
Metasploit
byParth Sahu
 
CNIT 50: 1. Network Security Monitoring Rationale
bySam Bowne
 
Making a SOC Analyst
byPaulAronhalt
 
CISSP Prep: Ch 6. Identity and Access Management
bySam Bowne
 
Pki 201 Key Management
byNCC Group
 
CISSP Prep: Ch 7. Security Assessment and Testing
bySam Bowne
 
Incident response, Hacker Techniques and Countermeasures
byJose L. Quiñones-Borrero
 
UTD Computer Security Group - Cracking the domain
byUTD Computer Security Group
 
Cryptography101
byNCC Group
 
Weaponization of IoT
byJose L. Quiñones-Borrero
 
Hacking its types and the art of exploitation
byShubhamChoudhary171
 
Cryto Party at CCU
byJose L. Quiñones-Borrero
 
BackStabber Special: Supply chain attacks
byKnoldus Inc.
 
IWMW 1998: Server Management (3) Controlling access
byIWMW
 
wanna be h4ck3r !
byEslam El Husseiny
 
Encryption
byZeeshan Butt
 
CNIT 125: Ch 4. Security Engineering (Part 1)
bySam Bowne
 
Loggin alerting and hunting technology hub 2016
byScot Berner
 
CNIT 125 6. Identity and Access Management
bySam Bowne
 
Group Presentation Slide Week13
byYorito Tamura
 

Similar to Overview of NSA Security Enhanced Linux - FOSS.IN/2005

PDF
Linux Kernel Security Overview - KCA 2009
byJames Morris
 
PDF
MR201406 A Re-introduction to SELinux
byFFRI, Inc.
 
ODP
chroot and SELinux
byShay Cohen
 
PDF
2009-08-11 IBM Teach the Teachers (IBM T3), Linux Security Overview
byShawn Wells
 
PDF
SELinux Project Overview - Linux Foundation Japan Symposium 2008
byJames Morris
 
PPTX
Selinux
byMohitgupta8560
 
PPTX
SELinux_@gnu_group_meetup
byJayant Chutke
 
PDF
Flask: Flux Advanced Security Kernel
byLuis Espinal
 
PDF
SELinux Kernel Internals and Architecture - FOSS.IN/2005
byJames Morris
 
PPTX
SE Linux
byprimeteacher32
 
PDF
Linux Kernel Security: Adapting 1960s Technology to Meet 21st Century Threats
byJames Morris
 
PPTX
Security Enhanced Linux Overview
byEmre Can Kucukoglu
 
PDF
2008-10-15 Red Hat Deep Dive Sessions: SELinux
byShawn Wells
 
PDF
Se linux course1
byOWASP (Open Web Application Security Project)
 
PDF
Directions in SELinux Networking
byJames Morris
 
PDF
The State of Security Enhanced Linux - FOSS.IN/2007
byJames Morris
 
PPTX
interprocess communation and security in linux.pptx
bypaathuu04
 
PDF
Secure and Simple Sandboxing in SELinux
byJames Morris
 
PDF
Your First Guide to "secure Linux"
byToshiharu Harada, Ph.D
 
PDF
PPT_Compiled
byAvineshwar Singh
 
Linux Kernel Security Overview - KCA 2009
byJames Morris
 
MR201406 A Re-introduction to SELinux
byFFRI, Inc.
 
chroot and SELinux
byShay Cohen
 
2009-08-11 IBM Teach the Teachers (IBM T3), Linux Security Overview
byShawn Wells
 
SELinux Project Overview - Linux Foundation Japan Symposium 2008
byJames Morris
 
Selinux
byMohitgupta8560
 
SELinux_@gnu_group_meetup
byJayant Chutke
 
Flask: Flux Advanced Security Kernel
byLuis Espinal
 
SELinux Kernel Internals and Architecture - FOSS.IN/2005
byJames Morris
 
SE Linux
byprimeteacher32
 
Linux Kernel Security: Adapting 1960s Technology to Meet 21st Century Threats
byJames Morris
 
Security Enhanced Linux Overview
byEmre Can Kucukoglu
 
2008-10-15 Red Hat Deep Dive Sessions: SELinux
byShawn Wells
 
Se linux course1
byOWASP (Open Web Application Security Project)
 
Directions in SELinux Networking
byJames Morris
 
The State of Security Enhanced Linux - FOSS.IN/2007
byJames Morris
 
interprocess communation and security in linux.pptx
bypaathuu04
 
Secure and Simple Sandboxing in SELinux
byJames Morris
 
Your First Guide to "secure Linux"
byToshiharu Harada, Ph.D
 
PPT_Compiled
byAvineshwar Singh
 

More from James Morris

PDF
Adding Extended Attribute Support to NFS
byJames Morris
 
PDF
Have You Driven an SELinux Lately? - An Update on the SELinux Project - OLS ...
byJames Morris
 
PDF
Kernel Security for 2.8 - Kernel Summit 2004
byJames Morris
 
PDF
Mandatory Access Control Networking Update - Netonf 2006 Tokyo
byJames Morris
 
PDF
Anatomy of Fedora Kiosk Mode (FOSS.MY/2008)
byJames Morris
 
PDF
Cryptographic Hardware Support for the Linux Kernel - Netconf 2004
byJames Morris
 
PDF
How and Why You Should Become a Kernel Hacker - FOSS.IN/2007
byJames Morris
 
PDF
sVirt: Hardening Linux Virtualization with Mandatory Access Control
byJames Morris
 
PDF
Better IPSec Security Association Resolution - Netconf 2006 Tokyo
byJames Morris
 
PDF
OLPC Networking Overview
byJames Morris
 
Adding Extended Attribute Support to NFS
byJames Morris
 
Have You Driven an SELinux Lately? - An Update on the SELinux Project - OLS ...
byJames Morris
 
Kernel Security for 2.8 - Kernel Summit 2004
byJames Morris
 
Mandatory Access Control Networking Update - Netonf 2006 Tokyo
byJames Morris
 
Anatomy of Fedora Kiosk Mode (FOSS.MY/2008)
byJames Morris
 
Cryptographic Hardware Support for the Linux Kernel - Netconf 2004
byJames Morris
 
How and Why You Should Become a Kernel Hacker - FOSS.IN/2007
byJames Morris
 
sVirt: Hardening Linux Virtualization with Mandatory Access Control
byJames Morris
 
Better IPSec Security Association Resolution - Netconf 2006 Tokyo
byJames Morris
 
OLPC Networking Overview
byJames Morris
 

Recently uploaded

PPT
software-security-intro in information security.ppt
byismaeelsahib032
 
PDF
Security Forum Sessions from Houston 2025 Event
byMark Simos
 
PDF
Eredità digitale sugli smartphone: cosa resta di noi nei dispositivi mobili
bySpeck&Tech
 
PDF
Vibe Coding vs. Spec-Driven Development [Free Meetup]
byHaim Michael
 
PDF
Usage Control for Process Discovery through a Trusted Execution Environment
byValerioGoretti
 
PPTX
Building Cyber Resilience for 2026: Best Practices for a Secure, AI-Driven Bu...
byYasir Naveed Riaz
 
PDF
Day 2 - Network Security ~ 2nd Sight Lab ~ Cloud Security Class ~ 2020
by2nd Sight Lab
 
PDF
December Patch Tuesday
byIvanti
 
PPTX
Cloud-and-AI-Platform-FY26-Partner-Playbook.pptx
byiuiuiuiu1
 
PDF
Our Digital Tribe_ Cultivating Connection and Growth in Our Slack Community 🌿...
bysanjeetmishra30
 
PPTX
Data Privacy and Protection: Safeguarding Information in a Connected World
byYasir Naveed Riaz
 
PDF
Decoding the DNA: The Digital Networks Act, the Open Internet, and IP interco...
byCSUC - Consorci de Serveis Universitaris de Catalunya
 
PPTX
Unit-4-ARTIFICIAL NEURAL NETWORKS.pptx ANN ppt Artificial neural network
byssuserd4481a
 
PDF
GPUS and How to Program Them by Manya Bansal
byScyllaDB
 
PDF
Unser Jahresrückblick – MarvelClient in 2025
bypanagenda
 
PPTX
Software Analysis &Design ethiopia chap-2.pptx
byAbbas484771
 
PDF
TrustArc Webinar - Looking Ahead: The 2026 Privacy Landscape
byTrustArc
 
DOCX
iRobot Post‑Mortem and Alternative Paths - Discussion Document for Boards and...
byDave Litwiller
 
PPTX
cybercrime in Information security .pptx
byismaeelsahib032
 
PDF
The major tech developments for 2026 by Pluralsight, a research and training ...
byChris Skinner
 
software-security-intro in information security.ppt
byismaeelsahib032
 
Security Forum Sessions from Houston 2025 Event
byMark Simos
 
Eredità digitale sugli smartphone: cosa resta di noi nei dispositivi mobili
bySpeck&Tech
 
Vibe Coding vs. Spec-Driven Development [Free Meetup]
byHaim Michael
 
Usage Control for Process Discovery through a Trusted Execution Environment
byValerioGoretti
 
Building Cyber Resilience for 2026: Best Practices for a Secure, AI-Driven Bu...
byYasir Naveed Riaz
 
Day 2 - Network Security ~ 2nd Sight Lab ~ Cloud Security Class ~ 2020
by2nd Sight Lab
 
December Patch Tuesday
byIvanti
 
Cloud-and-AI-Platform-FY26-Partner-Playbook.pptx
byiuiuiuiu1
 
Our Digital Tribe_ Cultivating Connection and Growth in Our Slack Community 🌿...
bysanjeetmishra30
 
Data Privacy and Protection: Safeguarding Information in a Connected World
byYasir Naveed Riaz
 
Decoding the DNA: The Digital Networks Act, the Open Internet, and IP interco...
byCSUC - Consorci de Serveis Universitaris de Catalunya
 
Unit-4-ARTIFICIAL NEURAL NETWORKS.pptx ANN ppt Artificial neural network
byssuserd4481a
 
GPUS and How to Program Them by Manya Bansal
byScyllaDB
 
Unser Jahresrückblick – MarvelClient in 2025
bypanagenda
 
Software Analysis &Design ethiopia chap-2.pptx
byAbbas484771
 
TrustArc Webinar - Looking Ahead: The 2026 Privacy Landscape
byTrustArc
 
iRobot Post‑Mortem and Alternative Paths - Discussion Document for Boards and...
byDave Litwiller
 
cybercrime in Information security .pptx
byismaeelsahib032
 
The major tech developments for 2026 by Pluralsight, a research and training ...
byChris Skinner
 

Overview of NSA Security Enhanced Linux - FOSS.IN/2005

  • 1.
    Overview of NSA Security Enhanced Linux James Morris jmorris@namei.org FOSS.IN/2005 Bangalore, India
  • 2.
    What is SELinux? ● Fine­grained Mandatory Access Control (MAC) ● Strongly separated domains ● Provides confinement of: ● malicious code ● flawed code ● user error/intention ● Enforces least privilege ● Protects integrity ● Flexible policy
  • 3.
    Discretionary Access Control (DAC)  ● Traditional Unix security model ● DAC is inadequate: – Decisions only based on user identity and ownership – No protection against malicious or flawed software – Each user has complete discretion over own objects – Only two major categories of users: admin and other – Coarse­grained and too much privilege – Unbounded privilege escalation
  • 4.
    Mandatory Access Control (MAC) ● “Missing link” of security in general OSs ● Primary features: – Administratively­set security policy – Control over all processes and objects – Decisions based on all security­relevant information
  • 5.
    MAC Implementation ● Traditionally inflexible, maps poorly to general case ● More than just Multilevel Security (MLS): – Enforce integrity, least privilege ● Generalized MAC via Type Enforcement (TE) ● Transparent to applications ● Decompose administrator role ● Policy flexibility
  • 6.
    SELinux Framework ● Composition of several security models – Role­Based Access Control (RBAC) – Type Enforcement (TE) – Optional Multilevel Security (MLS) ● Separation of mechanism and policy ● Can support further models as required
  • 7.
    Type Enforcement (TE) ● Domains for processes, types for objects ● Control access to objects by domains ● Control interactions between domains ● Control entry into domains ● Bind domains to code
  • 8.
    Types ● Attributes assigned to objects and domains ● Things of the same type are security­equivalent ● Examples: – httpd_t (apache execution domain) – httpd_log_t (apache log files) – httpd_config_t (apache configuration files) – httpd_sys_content_t (web content)
  • 9.
    Type Enforcement Rules ● TE rules defined in policy ● Include object labeling, and access control rules ● Examples: • allow httpd_t httpd_log_t:file  { create ioctl read getattr lock append }; • allow httpd_t httpd_config_t:file { read getattr lock ioctl }; • allow httpd_t httpd_sys_content_t:file { read getattr lock ioctl };
  • 10.
    Role Based Access Control (RBAC) ● Roles are attributes assigned to domains, e.g. – sysadm_r – system_r – user_r ● Specifies domains that can be entered by each role ● Specifies roles that are authorized for each user ● Initial domain associated with each user role
  • 11.
    Current Status ● Merged into upstream kernel during 2.5 series ● Adopted by several distributions ● Targeted policy for network facing services ● Possibly millions of users ● Basic tools
  • 12.
    Current Development ● MLS for production use ● Certifications: LSPP, RBACPP at EAL4+ ● Multi­category Security (MCS) ● Reference policy ● Modular policy
  • 13.
    Future Developments & Participation ● Better tools – Policy development and analysis ● High level policy language ● Distributed security management – User management, policy distribution, logging ● Desktop ● Application­level
  • 14.
    More Future Developments... ● Networked filesystems ● Hardware security (TPM): – Verified boot – Integrity verification – Remote attestation – Trusted path ● Virtualization ● Cryptographic policy
  • 15.
    Resources ● NSA SELinux Pages http://www.nsa.gov/selinux/ ● SELinux for Distributions http://selinux.sourceforge.net/ ● Mailing Lists (see above) ● IRC: irc.freenode.net #selinux ● SELinux Symposium 2006 (Feb/Mar) http://www.selinux­symposium.org/
  • 16.
    Acknowledgments ● Much of the source material for these slides was  derived from existing NSA presentations: – http://www.nsa.gov/selinux/info/docs.cfm