Abstract
There are many extensions to the Linux security model that are available. ConSA [1] aims to provide a configurable architecture, and should allow many security systems to be implemented. A prototype ConSA system has been implemented in Linux. This paper will examine how ConSA relates to currently available Linux security extensions.
The original version of this chapter was revised: The copyright line was incorrect. This has been corrected. The Erratum to this chapter is available at DOI: 10.1007/978-0-387-35587-0_24
Chapter PDF
Similar content being viewed by others
References
M. S. Olivier, Towards a Configurable Security Architecture, Data and Knowledge Engineering, To appear.
D. E. Bell and L. J. LaPadula, “Secure computer system: unified exposition and Multics interpretation”, Rep. ESD-TR-75–306, March 1976, MITRE Corporation
The Linux-PAM System Administrators’ Guide, Andrew G. Morgan, 1998
Inside Unix, Chris Hare, Emmett Dunlaney, George Eckel, Steven Lee, Lee Ray, New Riders Publishing, 1994
The Linux Kernel book, Remy Card, Eric Dumas, Frank Mevel, Wiley, 1997
Confining Root Programs with Domain and Type Enforcement, USENIX UNIX Security Symposium, 1996
Practical Domain and Type Enforcement for UNIX, L. Badger, D. F. Sterne, D. L. Sherman, K. M. Walker, S. A. Haghighat, IEEE Symposium on Security and Privacy, 1995
A Domain and Type Enforcement UNIX Prototype, IEEE Symposium on Security and Privacy, 5th USENIX UNIX Security Symposium
Controlling Network Communication with Domain and Type Enforcement, L. Badger, D. F. Sterne, D. L. Sherman, K. M. Walker, S. A. Haghighat, S. L. Murphy, Proceedings of the 1995 National Information Systems Security conference.
The Controlled Application Set Paradigm for Trusted Systems, D. F. Sterne, Glenn S. Benson, Proceedings of the 1995 National Information Systems Security conference.
Rule Set Based Access Control as proposed in the ‘Generalized Framework for Access Control’, Amon Ott, Masters Thesis, 1997
From a Formal Privacy Model to its Implementation, Simone Fischer-Hübner, Amon Ott, National Information Systems Security Conference, 1998
Design Specification: An Implementation of Access Control Lists for Linux, http://students.dwc.edu/frival/acl/acldesign.html
The Linux Trustees Project, http://www.braysystems.com/linux/trustees.html
Group ACL for ext2 in LiVE, http://aerobee.informatik.uni-bremen.de/acLeng.html
LOMAC - Low Water-Mark Mandatory Access Control User’s Manual v0.2, Tim Fraser, NAI Labs, 1999
The Single UNIXR Specification, Version 2, The Open Group, 1997, www.opengroup.org
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2002 IFIP International Federation for Information Processing
About this chapter
Cite this chapter
Hardy, A., Olivier, M.S. (2002). A Comparison Between ConSA and Current Linux Security Implementations. In: Olivier, M.S., Spooner, D.L. (eds) Database and Application Security XV. IFIP — The International Federation for Information Processing, vol 87. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-35587-0_15
Download citation
DOI: https://doi.org/10.1007/978-0-387-35587-0_15
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-4757-1028-1
Online ISBN: 978-0-387-35587-0
eBook Packages: Springer Book Archive