dcsimg
Linux Today: Linux News On Internet Time.




More on LinuxToday


LinuxSecurity.com: Rule Set Based Access Control (RSBAC) for Linux version 1.1.0

Dec 12, 2000, 07:51 (0 Talkback[s])
(Other stories by Amon Ott)

WEBINAR:
On-Demand

Re-Imagining Linux Platforms to Meet the Needs of Cloud Service Providers


"RSBAC is an open source security extension for current Linux kernels. It is based on the Generalized Framework for Access Control (GFAC) by Abrams and LaPadula and provides a flexible system of access control based on several modules."

"All security relevant system calls are extended by security enforcement code. This code calls the central decision component, which in turn calls all active decision modules and generates a combined decision. This decision is then enforced by the system call extensions."

"Decisions are based on the type of access (request type), the access target and on the values of attributes attached to the subject calling and to the target to be accessed. Additional independent attributes can be used by individual modules, e.g. the privacy module (PM). All attributes are stored in fully protected directories, one on each mounted device. Thus changes to attributes require special system calls provided."

Complete Story

Related Stories: