Linked by Amjith Ramanujam on Fri 18th Jul 2008 17:06 UTC, submitted by Rahul
Linux security may seem daunting, but there are a host of best practices to simplify the maze. Recently, Steve Grubb of Red Hat Inc. outlined some important security principles, including minimizing admin access, the increasing sophistication of SELinux and the importance of auditing systems.
Thread beginning with comment 323623
To read all comments associated with this story, please click here.
To read all comments associated with this story, please click here.
RE: Information Security: CIAA
by SEJeff on Fri 18th Jul 2008 21:23
in reply to "Information Security: CIAA"
Member since:2005-11-05
Pretty good, but you are missing one of the main buzzwords that SELinux was designed to achieve, IA (Information Assurance)[1].
SELinux is a form of MAC (Mandatory Access Control)[2] that provides IA. A simpler version of MAC such as SMACK or AppArmour can't do IA by design. The pathname isn't enough information to do proper IA flow.
This is a good article though.
[1] http://en.wikipedia.org/wiki/Information_assurance
[2] http://en.wikipedia.org/wiki/Information_assurance
Recent Original Stories
Recent Comments
Headlines
Random Comments
Random Stories
Random OS Link
Member since:
2006-03-20
There is too much confusion about information security - often technology or product led. Just because you can do firewalling doesn't mean you should. Just because you can do user account control doesn't mean its the end of the story.
To analsyse an information system with respect to security, look at it from the perspective of the following four orthogonal views:
* Confidentiality / Privacy
Information should only be viewable by those authorised to do so. Is this maintained in the system I am looking at? (linux: init 1?)
* Integrity
The integrity of informations should be maintained and verifiable. This includes both the source of the information - source integrity, as well as the message itself in transit - message integrity. Not many system maintain do this sufficiently for the purposes of their jobs. Also think, spam and phishing!
* Availability
A system or service should aim to maintain availability or quality of service appropriate to its intended purpose. An attacker may not seek to read your messages or subvert them - just slow them down to an unusable crawl, or even knock your system out. Many see this as Denial Of Service.
* Auditability
Who did What, When and Why?
The above perspectives can be applied to large complex systems or small individual components.