AbstractsComputer Science

Evaluation of Linux Security Frameworks

by Erik Karlsson

Institution: Umeå University
Year: 2010
Keywords: Natural Sciences; Computer and Information Science; Computer Science; Naturvetenskap; Data- och informationsvetenskap; Datavetenskap (datalogi); TECHNOLOGY; Information technology; Computer science; TEKNIKVETENSKAP; Informationsteknik; Datavetenskap; Civilingenjörsprogrammet i teknisk datavetenskap; Master of Science Programme in Computing Science and Engineering; teknik; Technology
Record ID: 1329663
Full text PDF: http://urn.kb.se/resolve?urn=urn:nbn:se:umu:diva-36664


  The number of threats to computers attached to networks continually increases. The focus of preventing security exploits has been on the network, while local exploits has been mostly overlooked. Many security problems in Unix systems stem from the way security is managed; by delegating all security decisions to object owners. There are a number of security frameworks which aim to remedy this in Linux by restricting access to kernel objects, such as files. Ericsson is interested in finding the best possible security frameworks for use with their Linux products.In this thesis, the available security frameworks are evaluated based on criteria given by Ericson. First, the theoretical foundation of computer security is explored to serve for an overview of the security frameworks and their properties. Then specific attributes are refined and their values gathered from each framework. These attributes then serve as a basis for selecting two frameworks for further testing.The selected frameworks are  SELinux  and AppArmor, based on commerical support, ease of integration, and overall protection measures. Tables with the collected attributes are presented for comparison.The frameworks  TOMOYO and SMACK  should have been given more consideration. AppArmor is not useful for the server-centric environment used at Ericsson.