Domain and type enforcement for linux

Authors:
Serge E. Hallyn;Phil Kearns
Affiliations:
College of William and Mary;College of William and Mary
Venue:
ALS'00 Proceedings of the 4th annual Linux Showcase & Conference - Volume 4
Year:
2000

Citing 5
Cited 11

Programming semantics for multiprogrammed computations

Communications of the ACM
An Approach to Dynamic Domain and Type Enforcement

ACISP '97 Proceedings of the Second Australasian Conference on Information Security and Privacy
Access Control: The Neglected Frontier

ACISP '96 Proceedings of the First Australasian Conference on Information Security and Privacy
Confining root programs with domain and type enforcement (DTE)

SSYM'96 Proceedings of the 6th conference on USENIX Security Symposium, Focusing on Applications of Cryptography - Volume 6
A domain and type enforcement UNIX prototype

SSYM'95 Proceedings of the 5th conference on USENIX UNIX Security Symposium - Volume 5

LOMAC: MAC You Can Live With

Proceedings of the FREENIX Track: 2001 USENIX Annual Technical Conference
Integrating Flexible Support for Security Policies into the Linux Operating System

Proceedings of the FREENIX Track: 2001 USENIX Annual Technical Conference
Linux Security Modules: General Security Support for the Linux Kernel

Proceedings of the 11th USENIX Security Symposium
Modular construction of DTE policies

ATEC '04 Proceedings of the annual conference on USENIX Annual Technical Conference
An OS security protection model for defeating attacks from network

ICISS'07 Proceedings of the 3rd international conference on Information systems security
Implementation of LSM-based RBAC module for embedded system

WISA'07 Proceedings of the 8th international conference on Information security applications
A proposal for an effective information flow control model for sharing and protecting sensitive information

AISC '09 Proceedings of the Seventh Australasian Conference on Information Security - Volume 98
Teaching access control with domain type enforcement

Journal of Computing Sciences in Colleges
A practical alternative to domain and type enforcement integrity formal models

Inscrypt'06 Proceedings of the Second SKLOIS conference on Information Security and Cryptology
A security architecture for adapting multiple access control models to operating systems

ICCSA'06 Proceedings of the 2006 international conference on Computational Science and Its Applications - Volume Part V
Towards Usable Application-Oriented Access Controls: Qualitative Results from a Usability Study of SELinux, AppArmor and FBAC-LSM

International Journal of Information Security and Privacy

Quantified Score

Hi-index	0.00

Visualization

Abstract

Access control in Linux is currently very limited. This paper details the implementation of Domain and Type Enforcement (DTE) in Linux, which gives the system administrator a significant advantage in securing his systems. We control access from domains to types, domain transitions, and signal access between domains, based on a policy which is read at boot time.