SELinux Mailing List - NSA/CSS

Skip All Menus Skip Top Menu

Top Navigation Menus

Research Skip Research Menus Research Menu Security Enhanced Linux What's New Frequently Asked Questions Background Documents License Download Participating Mail List Archives Remaining Work Contributors Related Work Press Releases Information Assurance Research NIARL In-house Research Areas Mathematical Sciences Program Sabbaticals Computer & Information Sciences Research Technology Transfer Advanced Computing Advanced Mathematics Communications & Networking Information Processing Microelectronics Other Technologies Technology Fact Sheets Publications Related Links	Skip Search Box Searchbox SELinux Mailing List Re: SELinux project This message: [ Message body ] [ More options ] Related messages: [ Next message ] [ Previous message ] [ In reply to ] From: Trent Jaeger <jaegert_at_us.ibm.com> Date: Mon, 15 Sep 2003 17:31:22 -0400 So you have the following reqs: (1) Some form of Biba/BLP policy -- SELinux can provide support, but it depends on the details of your policy. SELinux does not directly support Biba, so you'd probably have to think in TE model and map (or verify as we do). (2) Use signatures to establish labels and encryption for secrecy -- this is mostly outside SELinux, so it should be doable (3) Multi-domain policies -- not supported explicitly in SELinux. If you have administrative control over the computers in question this could be done, but it is an open task. Trent. Trent Jaeger IBM T.J. Watson Research Center 19 Skyline Drive Hawthorne, NY 10532 jaegert@us.ibm.com *(914) 784-7225, FAX (914) 784-7595* kamal <kamalnee@iitk.ac.in> 09/15/2003 05:08 PM To: Trent Jaeger/Watson/IBM@IBMUS cc: SELinux@tycho.nsa.gov Subject: Re: SELinux project Thanks a lot for the suggestions! Our interest related to integrity is slightly different. SELinux seems to take good care of the security of the system. But consider a military environment and think about actual users. A high ranking officer has got lots of documents from juniors and his boss, some of them possibly copied from their directories, and some sent through email. Now all the documents should not appear same to him, there should be an easy classification based on integrity and confidentiality of a document. He should not unknowingly be able to move information in a way that violates Biba and BLP constraints. We also want to see how digital signatures and encryption can be tightly and transparently integrated with this, e.g. in assigning integrity level to an incoming email attachment. Another thing in our mind is decentralization of users' confidentiality/integrity levels. I mean putting this policy on some central server. After all, users don't belong to a computer, they belong to an organization. Decentralizing parts of general TE policy seems more difficult, levels seem easier to handle. I wonder whether all this makes sense. Does it? -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with the words "unsubscribe selinux" without quotes as the message. Received on Mon 15 Sep 2003 - 17:32:09 EDT This message: [ Message body ] Next message: Tracy R Reed: "IEEE Begins Standard to Create Baseline for More Secure Operating Systems" Previous message: kamal: "Re: SELinux project" In reply to: kamal: "Re: SELinux project" Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]
	Date Posted: Jan 15, 2009 \| Last Modified: Jan 15, 2009 \| Last Reviewed: Jan 15, 2009

bottom