Lothlorien: mandatory access control using linux security modules

Authors:
K. Harsha;Bharath M. Palavalli;Shrisha Rao;Ashwin Ashwin
Affiliations:
Center for Study of Science, Technology and Policy, Bangalore;Center for Study of Science, Technology and Policy, Bangalore;Intemational Institute of Information Technology, Electronic City, Bangalore;Intemational Institute of Information Technology, Electronic City, Bangalore
Venue:
IMSAA'09 Proceedings of the 3rd IEEE international conference on Internet multimedia services architecture and applications
Year:
2009

Citing 3
Cited 0

Integrating Flexible Support for Security Policies into the Linux Operating System

Proceedings of the FREENIX Track: 2001 USENIX Annual Technical Conference
Kernel korner: filesystem labeling in SELinux

Linux Journal
The flask security architecture: system support for diverse security policies

SSYM'99 Proceedings of the 8th conference on USENIX Security Symposium - Volume 8

Quantified Score

Hi-index	0.00

Visualization

Abstract

The concept of Mandatory Access Controls (MAC) enforces a security policy on users. Linux Security Modules (LSM) provides for development of such frameworks. Lothlorien is an exploratory framework using LSM and the POSIX 1.e draft specifications'1 Extended Attributes (EA) to implement MAC on Linux. Lothlorien makes use of system call hooks provided by LSM to place checks on the access to system resources. The entire system is divided logically into different zones where the resources and users of the systems are distributed depending on their security context similar to a real organisation. Along with the already available Discretionary Access Control (DAC) on Linux, Lothlorien intends to achieve TCSEC Bllevel of security. A policy will define the rules of access. Separating all the entities of the system allows fine-grained access control.