JENNIS SHRESTHA
CSC 345 TERM PAPER
April 24, 2014

SECURITY ENHANCED LINUX

INTRODUCTION

In the world today, new technologies are being developed every day. Be it a simple electronic device or a huge rocket, they are all controlled by software. Among the many operating systems on the market, Linux is considered one of the finest, most efficient and most reliable. It is a Unix-like, POSIX-compliant operating system. Because it is developed and distributed as free and open source software, the use of Linux has been rocketing: it can be made to fit almost any system with small changes to the variant, depending on the system. As of June 2013, 95% of the world's supercomputers are operated by Linux.

However, the growing use of Linux in high-profile settings such as national security, banks and hospitals has invited numerous threats such as hacking. To stop malicious hacking attempts and to protect these systems, the United States National Security Agency (NSA) has been continually working on operating system security. Security Enhanced Linux was born after a great deal of effort by the NSA's National Information Assurance Research Laboratory. According to the NSA Security Enhanced Team, "NSA Security-enhanced Linux is a set of patches to the Linux kernel and some utilities to incorporate a strong, flexible mandatory access control (MAC) architecture into the major subsystems of the kernel. It provides an enhanced mechanism to enforce the separation of information based on confidentiality and integrity requirements, which allows threats of tampering and bypassing of application security mechanisms to be addressed and enables the confinement of damage that can be caused by malicious or flawed applications. It includes a set of sample security policy configuration files designed to meet common, general-purpose security goals."

FLASK

Security Enhanced Linux implements the Flux Advanced Security Kernel (FLASK).
FLASK is a flexible, powerful and secure security architecture for operating systems, and it provides numerous utilities designed to bring Mandatory Access Control into use in Linux. The project was first developed for the Mach microkernel in a collaboration between the National Security Agency, the University of Utah, and the Secure Computing Corporation. It provided a secure platform and framework for operating systems. As Linux was becoming popular, the project shifted towards Linux. OpenSolaris FMAC, TrustedBSD and NSA's SE Linux are some examples of FLASK systems.

Mechanism of FLASK in SE Linux

The FLASK architecture provides flexibility and coordinates subsystems so that they work consistently to make and enforce security decisions, and it provides the components required to complete that task within each subsystem. Decisions are also monitored over time, because they may need to change. Moreover, the architecture provides support for application transparency, defense-in-depth, ease of assurance, and minimal performance impact.

As shown in Figure 1 below, FLASK engages an object manager and provides a platform for retrieving access, labeling and polyinstantiation decisions from a security server. An access decision specifies whether a permission is granted between two entities, typically a subject and an object.

Figure 1: FLASK Architecture

A labeling decision specifies the security attributes to be written to an object. A polyinstantiation decision specifies which member of a polyinstantiated set is to be used for a particular request. The Access Vector Cache (AVC) then helps the object manager reduce performance overhead. Lastly, object managers can also register to receive notifications of changes in security policies.

Mandatory Access Control Policies

Many versions of Linux that are integrated with FLASK enforce Mandatory Access Control (MAC).
Systems integrated with Mandatory Access Control allow administrators to define and control users' access and usage policies. Once the administrator enforces the policies, a user cannot modify the permissions and control structures that have been implemented. MAC also gives administrators the authority to limit resources for a particular user. For example, an administrator can set permissions such as read, write and access on a file, including which users can use it and which cannot. These are not the only attributes that can be used to apply security; there are many more. MAC can be used to protect the network, to block users from accessing anything, or even to block ports and sockets. On top of these, MAC also provides functions for choosing specific configuration settings to increase performance and reduce overhead. These settings include selecting the priority policies and reducing support for lower-priority policies.

Why Mandatory Access Control Over Discretionary Access Control in SE Linux?

Figure 2: MAC vs. DAC

Figure 2 gives a complete picture of the difference. In Discretionary Access Control (DAC), the security policy enforced by the administrator can easily be overridden through loopholes. Moreover, after gaining access to the system, an intruder can change the entire system's policies, because preference is given to ownership of the object and the identity of the subject. This created many hacking problems: there was no protection against broken software, and malware could not be blocked because of its ownership rights. In a Mandatory Access Control system, by contrast, different parts of the programs have different policies, which cannot be changed when another policy is breached. The administrator has full control over the system, and protection against broken software and malware is implemented.
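
The DAC/MAC contrast above, together with the FLASK flow described earlier (object manager, access vector cache, security server, policy-change notification), can be seen in a small Python model. This is an added example, not SELinux code and not part of the original paper; the class names, uid 48 and the type names (including the hypothetical secret_t) are assumptions made for illustration.

```python
# Toy model constructed for illustration; not SELinux code. Type names are assumed.
from dataclasses import dataclass

@dataclass
class File:
    owner: int   # DAC: owning uid
    mode: set    # DAC: permissions the owner has granted
    label: str   # MAC: object type, assigned by policy

@dataclass
class Process:
    uid: int
    domain: str  # MAC: subject type

def dac_chmod(proc, f, perms):
    if proc.uid == f.owner:          # DAC: the owner may rewrite permissions
        f.mode = set(perms)

def dac_allows(proc, f, perm):
    return proc.uid == f.owner and perm in f.mode

class SecurityServer:                # holds the policy, computes decisions
    def __init__(self, rules):
        self.rules, self.listeners, self.queries = set(rules), [], 0
    def compute(self, stype, ttype, perm):
        self.queries += 1
        return (stype, ttype, perm) in self.rules
    def load_policy(self, rules):    # administrator only
        self.rules = set(rules)
        for notify in self.listeners:  # registered object managers flush caches
            notify()

class ObjectManager:                 # enforces decisions, caches them in the AVC
    def __init__(self, server):
        self.server, self.avc = server, {}
        server.listeners.append(self.avc.clear)
    def access(self, proc, f, perm):
        if not dac_allows(proc, f, perm):
            return False             # DAC denial; MAC is not consulted
        key = (proc.domain, f.label, perm)
        if key not in self.avc:      # AVC miss: ask the security server
            self.avc[key] = self.server.compute(*key)
        return self.avc[key]

def demo():
    web = Process(uid=48, domain="httpd_t")
    secret = File(owner=48, mode=set(), label="secret_t")
    om = ObjectManager(SecurityServer({("httpd_t", "httpd_sys_content_t", "read")}))
    dac_chmod(web, secret, {"read"})   # a compromised owner relaxes DAC
    return dac_allows(web, secret, "read"), om.access(web, secret, "read")
```

Calling demo() returns the DAC-only result followed by the combined DAC and MAC result for the same request: the owner's own chmod satisfies DAC, while the type rule the process cannot edit still denies the read.
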

Implementation of security policies

The security policies implemented on the system to enforce the various kinds of mandatory access control are as follows:

i. Type Enforcement
Mandatory Access Control is given priority over Discretionary Access Control. In the type enforcement process, the subject (process) accessing objects (files, records) is given access clearance first.

ii. Role Based Access Control
Role-based security provides an approach for companies that have many employees, in which system access is restricted to authorized users. This type of access control can have both MAC and DAC implementations.

iii. Multilevel Security
Multilevel Security is a more advanced security system than the other two. It gives different users different security levels, based on their level, for accessing system resources. For example, a clerk has a lower limit of authorization than the manager.

Features

Security Enhanced Linux provides all the features of an ordinary Linux. In addition, it provides many distinct security features that an ordinary Linux does not:

i. Enforces clean separation of policy
ii. Interfaces are well defined
iii. Independent of specific policies and policy languages
iv. Independent of specific security label formats and contents
v. Kernel objects and services are provided with individual labels and controls
vi. Increased efficiency because of caching of access decisions
vii. Support for policy changes
viii. Initialization, inheritance and program execution can be controlled
ix. File systems, directories, files, and open file descriptions can be controlled
x. Sockets, messages and networking interfaces can also be controlled

Conclusion

Security Enhanced Linux is the most required operating system in today's world. Security and privacy have become real concerns because of the increasing amount of digitized material. It can provide much-needed security to systems that need to be confidential.
Malicious efforts from hackers would also be kept under control with wider use of Security Enhanced Linux. Moreover, being open source allows the system to improve rapidly over a short period of time.

References:

Ray Spencer, Stephen Smalley, Peter Loscocco, Mike Hibler, David Andersen, and Jay Lepreau. "The Flask Security Architecture: System Support for Diverse Security Policies." N.p., n.d. Web.

"Frequently Asked Questions." SELinux Frequently Asked Questions (FAQ). N.p., n.d. Web. 23 Apr. 2014. <http://www.nsa.gov/research/selinux/faqs.shtml#I2>.

"Security Enhanced Linux." Security-Enhanced Linux. N.p., n.d. Web. 23 Apr. 2014. <http://www.nsa.gov/research/selinux/>.

"NB TE." SELinux Wiki. N.p., n.d. Web. 23 Apr. 2014. <http://selinuxproject.org/page/NB_TE>.

"16.3. Explanation of MAC." 16.3. Explanation of MAC. N.p., n.d. Web. 23 Apr. 2014. <http://www5.us.freebsd.org/doc/handbook/mac-initial.html>.

"Mandatory Access Control." What Is ? N.p., n.d. Web. 23 Apr. 2014. <http://www.webopedia.com/TERM/M/Mandatory_Access_Control.html>.

"Security-Enhanced Linux." Wikipedia. Wikimedia Foundation, 23 Apr. 2014. Web. 23 Apr. 2014. <http://en.wikipedia.org/wiki/Security-Enhanced_Linux>.