Saturday, December 11, 2004

Information Security

Have you ever got this feeling of being *watched* at an ATM, airport or a government building? If not, try this ... generally all ATMs have (convex) mirrors installed on top of the machines (ICICI ATMs always have a round convex mirror with a slightly curved triangular wooden frame). Why do they have to be convex? Well, put your finger on one .. and you would see "no" gap between your finger and its image. Yes, it means exactly what you are thinking. You are being watched.

The government says .. it has the right to interrogate .. the right to information .. the right to voyeur !!
"Well then who decides .. Who keeps all the information" - Kevin Mitnick.


The Orange Book

For all those interested in any aspect of info-security, this book (or rather a draft of it) published in 1983 - "The Orange Book" - is a must read. This book "defined" security and its policies in the true sense. The main idea was that security should not be left on the shoulders of application writers and users, but governed by a central security policy. It should take care of both .. vulnerabilities in ptrace (left open by the application writer) and ignorant users .. leaving faulty permissions here and there (an "ignorant vulnerability", as it is called).

M$ Windows security and its ACL model are also inspired by similar ideas .. and it would be totally unjust for the Linux fanatics to say that it's not secure. M$ Windows is just a bad implementation of a good design. Who can deny the micro-kernel architecture of WinNT and its ACL-based security model?

The best thing about Linux is that it doesn't take or include anything at face value. Take for example Solaris .. the OpenSolaris code could easily show you how they have not left out a single complex algorithm in their design, be it their scheduler or VFS. But even back in 1994 Linux 1.0 was at least 3 times faster than Solaris.

On the contrary, Linux (at least the kernel .. glibc sucks at times) includes in its code only what works and works efficiently.

NSA - SELinux

Based on the "Orange Book" guidelines the NSA designed "SELinux - Security Enhanced Linux". Some moron mailed the NSA SELinux mailing list asking if NSA people are also integrating biometrics into SELinux ... The answer was very clear: "SELinux is for authorization and not authentication".

Authentication deals with "*who and when* should a person be allowed to enter a system".
Authorization on the other hand answers "what privileges should be given to the subject that just logged in".

SELinux ... takes over the system after PAM is done with its work. It examines not the subject but its actions on objects in the system. An object could be a file .. or even some other subject. It is a very good implementation of DTE (Domain Type Enforcement) and RBAC (Role Based Access Control), both described in The Orange Book.

DTE understands only domains (processes) and types (objects like files) and defines rules as to which domain is allowed to act upon a particular type. RBAC on the contrary understands only users and the roles which they can take up.

So, here is the complete picture.

User -> Role 1(admin) AND Role 2(apache)

Role 1 (admin)  --- can enter domain --- Admin  --- can read or exec
Role 2 (apache) --- can enter domain --- Apache --- can exec --- type 1 (binary files)
Role 2 (apache) --- can enter domain --- Apache --- can read --- type 3 (user files)


But by the very nature of centralization .. it is prone to disasters. One wrong policy can blow off the entire system.
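The chain above (user -> role -> domain -> type -> permission) is easy to model as a tiny reference monitor, and doing so also makes the "one wrong policy" point concrete. The following is an added example written for this post; it is not SELinux code or SELinux policy syntax, just a Python model of the same two-layer decision. The user name "joe", the domain names "admin_d"/"apache_d", the type names "binary"/"user_file", and the admin domain getting read and exec on both types are assumptions filled in from the diagram, which names no type for the admin line.

```python
"""Toy reference monitor modelling an RBAC + DTE access decision.

Added example, not SELinux code. Two gates must pass before anything is
allowed, and anything that no rule mentions is denied (default deny).
"""
from typing import Dict, FrozenSet, Set, Tuple

Rules = Dict[Tuple[str, str], FrozenSet[str]]

# RBAC layer: which roles a user may assume, and which domain each role may
# enter. Assumed names modelled on the diagram above.
USER_ROLES: Dict[str, FrozenSet[str]] = {"joe": frozenset({"admin", "apache"})}
ROLE_DOMAINS: Dict[str, FrozenSet[str]] = {
    "admin": frozenset({"admin_d"}),
    "apache": frozenset({"apache_d"}),
}

# DTE layer: (domain, type) -> permissions. Absent pairs are denied.
# The admin rows are an assumption; the diagram only says "read or exec".
DTE_RULES: Rules = {
    ("admin_d", "binary"): frozenset({"read", "exec"}),
    ("admin_d", "user_file"): frozenset({"read", "exec"}),
    ("apache_d", "binary"): frozenset({"exec"}),
    ("apache_d", "user_file"): frozenset({"read"}),
}


def check_access(user: str, role: str, domain: str, obj_type: str,
                 perm: str, rules: Rules = DTE_RULES) -> Tuple[bool, str]:
    """Decide one access request; return (allowed, reason).

    Each gate is checked in order and the first failure wins, so a request
    can only be allowed when the RBAC layer and the DTE layer both agree.
    """
    if role not in USER_ROLES.get(user, frozenset()):
        return False, "rbac: user may not assume role"
    if domain not in ROLE_DOMAINS.get(role, frozenset()):
        return False, "rbac: role may not enter domain"
    if perm not in rules.get((domain, obj_type), frozenset()):
        return False, "dte: no allow rule for domain/type/permission"
    return True, "allowed"


def effective_permissions(user: str,
                          rules: Rules = DTE_RULES) -> Set[Tuple[str, str, str]]:
    """Every (domain, type, permission) triple the user can reach.

    Walking user -> roles -> domains -> DTE rules shows the blast radius of
    a policy edit: compare this set before and after adding a rule.
    """
    reachable: Set[Tuple[str, str, str]] = set()
    for role in USER_ROLES.get(user, frozenset()):
        for domain in ROLE_DOMAINS.get(role, frozenset()):
            for (rule_domain, obj_type), perms in rules.items():
                if rule_domain == domain:
                    for perm in perms:
                        reachable.add((domain, obj_type, perm))
    return reachable


def with_extra_rule(rules: Rules, domain: str, obj_type: str,
                    perms: Set[str]) -> Rules:
    """Return a copy of the rules with one more allow rule merged in."""
    merged = dict(rules)
    merged[(domain, obj_type)] = rules.get((domain, obj_type), frozenset()) | perms
    return merged


if __name__ == "__main__":
    print(check_access("joe", "apache", "apache_d", "user_file", "read"))
    print(check_access("joe", "apache", "apache_d", "user_file", "exec"))
    print(check_access("joe", "apache", "admin_d", "user_file", "read"))
    before = effective_permissions("joe")
    # One careless rule: letting the apache domain write user files.
    after = effective_permissions(
        "joe", with_extra_rule(DTE_RULES, "apache_d", "user_file", {"write"}))
    print("new accesses granted by one rule:", after - before)
```

The point of `effective_permissions` is the last paragraph above: it diffs what a user can reach before and after a single policy line, which is the check to run on any centralized policy before loading it.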

And you thought your system was secure.