On the security of SELinux with a simplified policy

Katsuya Sueyasu, Toshihiro Tabata, Kouichi Sakurai

研究成果: Chapter in Book/Report/Conference proceedingConference contribution

1 被引用数 (Scopus)

抄録

Security-Enhanced Linux (SELinux) is a secure operating system. SELinux implements some features in order to perform strong access control. However, the configuration of SELinux access control becomes very complex. Such complexity may cause misconfiguration which can harm the strong access control. SELinux Policy Editor is a configuration tool for SELinux. It is developed in order to reduce the complexity and the risk of misconfiguration. As a part of its support of configuration, this tool simplifies the configuration of SELinux by integrating configuration items for complicated access control policy of SELinux. Although we can originally define and use macros which integrate permissions in SELinux access control policy, the integrated permissions of SELinux Policy Editor and the macros differ fundamentally in whether the use of them is mandatory or discretionary. In this paper, we examine effects of the simplification by SELinux Policy Editor on an example access control policy and evaluate the security of the access control based on the simplified policy about Apache, a web server software.

本文言語英語
ホスト出版物のタイトルProceedings of the IASTED International Conference on Communication, Network, and Information Security
編集者M.H. Hamza
ページ79-84
ページ数6
出版ステータス出版済み - 12 1 2003
イベントProceedings of the IASTED International Conference on Communication, Network, an d Information Security - New York, NY., 米国
継続期間: 12 10 200312 12 2003

出版物シリーズ

名前Proceedings of the IASTED International Conference on Communication, Network, and Information Security

その他

その他Proceedings of the IASTED International Conference on Communication, Network, an d Information Security
国/地域米国
CityNew York, NY.
Period12/10/0312/12/03

All Science Journal Classification (ASJC) codes

  • 工学(全般)

フィンガープリント

「On the security of SELinux with a simplified policy」の研究トピックを掘り下げます。これらがまとまってユニークなフィンガープリントを構成します。

引用スタイル