Integrating Flexible Support for Security Policies into the Linux Operating System
Peter Loscocco (National Security Agency)
First published: December 2000
The protection mechanisms of current mainstream operating systems are inadequate to support confidentiality and integrity requirements for end systems. To address this problem, NSA worked with Secure Computing Corporation (SCC) to develop a strong, flexible mandatory access control architecture based on Type Enforcement. The architecture, now called Flask, was prototyped in the Mach and Fluke research operating systems. NSA is now integrating the Flask architecture into the Linux operating system to transfer the technology to a larger developer and user community. NAI Labs, SCC, and MITRE are assisting NSA in this integration. This report presents the design and implementation for integrating the security mechanisms of the Flask architecture into the Linux kernel.viewer application or a Web browser plug-in that supports the PDF file format.
Linux is a registered trademark of Linus Torvalds
Date Posted: Jan 15, 2009 | Last Modified: Jan 15, 2009 | Last Reviewed: Jan 15, 2009