Extending Linux for Multi-Level Security
暂无分享,去创建一个
LinuxTM distributions have received numerous Common Criteria certifications in the last few years. Building on the recent Controlled Access Protection Profile (CAPP) certifications, an Open Source development effort to make Linux compliant with the Labeled Security Protection Profile (LSPP) and Role-Based Access Control Protection Profile (RBACPP) has been ongoing for almost two years. Development included adding and augmenting features of SELinux and other Linux components. This paper explores the evolution of, and rationale behind, the features developed to meet LSPP and RBACPP, and it discusses the current state of development and lessons learned.
[1] Helmut Kurth,et al. Certifying open source - the Linux experience , 2004, IEEE Security & Privacy Magazine.
[2] D. Elliott Bell,et al. Secure Computer System: Unified Exposition and Multics Interpretation , 1976 .
[3] David A. Wheeler,et al. Secure Programming for Linux and Unix HOWTO , 2003 .
[4] Morrie Gasser,et al. Building a Secure Computer System , 1988 .
[5] Jonathan M. McCune,et al. Leveraging IPsec for Distributed Authorization , 2006 .