Linux

Recommended Stuff

  1. lwn.net -> You can use my account username=shazkhan, password=”MMA’s international password”

I’ve emailed the Xen article but there are others of interest as well.

  1. http://free-electrons.com/community/videos/conferences/
  2. http://archive.fosdem.org/2008/media/video
  3. http://www.thelinuxlink.net/ (Not certain if it's healthy)
Saturday, August 30th, 2008 Linux, Resources 2 Comments

Linux Weekly News

Hi everyone. Anything regarding Linux, which one needs to understand from simple to intermediate level, can be found here: http://lwn.net/. Although it cannot help in research much, it can at least give you clues and further links for investigation.

Monday, October 1st, 2007 Linux, Resources 4 Comments

Needs of network for MAC

After the comparison of trendy MAC enhancements, I have been figuring out the general needs of a network for MAC. We have three places where MAC can and is enforced:

  1. In Application: Where flow control of the application is controlled by labeling the data of the application. Current research is limited to MLS because it's simple, and because the security type languages are not mature enough to handle the granularity. I have seen two frameworks at this level, which make use of these languages. One of them has been partially integrated with SELinux by using the application layer API to selinuxfs. I am curious why they are so interested in Java! There is no C extension.
  2. On Application Layer: This is achieved for applications that do not use TCP/IP directly. They use RPCs, so the common network controls cannot handle them properly. The reason is that port to application mapping is done by the portmapper daemon. Thus the RPC headers carry the security contexts. Such applications are NFS and NIS.
  3. At TCP/IP Layer: Here the ports are labeled for the associated applications on both sides. In a hostile environment this would not prove useful, so encryption would also be required. This is achieved by IPSEC associations being labeled. I am not fully satisfied by the mechanisms at this level because at one extreme we have lack of security and on the other hand manageability issues.

LDAP is on the todo list but nothing is currently being done about it to my knowledge. The todo list also wants more granularity and API at TCP/IP layer.

Policy distribution, being a great issue, has no solid solutions yet. The only possibility until now is a translation server, which would provide an equivalence mechanism for internode security contexts. But this has been left as an idea and no progress is being made. IPSEC associations were provided only for subjects, but currently they are working on providing object support, though the work is hidden yet. They are thinking of CIFS support as well. Ephemeral ports can be handled with the standard SELinux API for applications.

The biggest problem with distributed policy is the type enforcement, which is part of the security model/context. Leaving it out would be a solution but will affect greatly because code bindings will be lost, which will result in loss of integrity control. The context has three main models: user identity, role and TE. If one is lost it will affect the others because they are tied together to help each other. I am figuring out how much effect will be made. At the same time integrity can be measured with IMA and the like. I would like comments on what you ppl think about the differences in the integrity model of TE and IMA.

If anyone can come up with other ideas of network needs plz brainstorm so I figure out the requirements. There are others which I haven’t mentioned because they are trusted applications by SELinux. I find a gap over here because trusting applications is not a good idea. Information flows can work here. More on this when I get a solid insight on them.

What do you guys think should be my next target? Amin is sorting out how to integrate his study with all this. So give ideas of possibilities. Any of you who thinks their work can have relevance plz share your findings so that we can be more useful to each other.

Saturday, August 25th, 2007 Linux, SELinux, Trusted Computing 14 Comments

Some new selinux ideas

I have come across some talks about enabling SELinux to achieve resource utilization using RBAC. This sounds like a good research area. Do we have anyone to handle this?

Tuesday, July 24th, 2007 Ideas, Linux, SELinux 7 Comments

IMA as a standalone service

The following paras are from the Linux mailing list, from a mail sent by the IBM IMA team. They are working out this userspace IMA thingy. I am still not satisfied. Mr. TAT can you plz verify it? I can email u the patches and the related mails as well.

This is a request for comments for a subset of the original integrity
patches. By submitting this subset of the original patches, we hope to
simplify its review and ultimately ease its inclusion into the kernel.
For this reason, neither EVM nor SLIM are included in this patchset.
This patchset contains: Linux Integrity Module(LIM), Integrity
Measurement Architecture (IMA), and patches to the TPM driver. The LIM
patch defines 3 integrity API calls, 7 integrity hooks, placement of
the hooks, and a dummy integrity service provider. There are very minor
changes from the previous release.  The IMA patch is now an independent
integrity service provider, which provides support for a subset of the
integrity API calls.

IBAC, a sample LSM module, which helps clarify the interaction between
LSM and LIM modules, will be posted separately to the LSM mailing list.
In addition, we are working on an SELinux integrity patch to take
advantage of the integrity services, in a similar way to the IBAC
example.

Patch 1/3 integrity: Linux Integrity Module (LIM)
Patch 2/3 integrity: IMA as a stand alone integrity service provider
Patch 3/3 integrity: TPM internal kernel interface

Mimi Zohar
Dave Safford

Sunday, July 22nd, 2007 Linux, Trusted Computing 11 Comments

TPM Manager for Linux released!

Ruhr-University Bochum and Sirrix AG have developed an open source application providing an easy to use graphical user interface to manage and configure a Trusted Platform Module (TPM).

The TPM Manager can be used on PC systems equipped with a TPM that is supported by the Linux kernel. Users of such systems can now easily check the capabilities of their TPM, read out public keys and certificates, or change the TPM settings like, e.g., disable or activate it.

The TPM Manager is currently available for Linux only, but should be easily portable to other operating systems providing a TSS API. The source code of the TPM Manager is available on SourceForge at [1] and licensed under GPL. We (Ruhr-University Bochum and Sirrix AG) appreciate feedback from users who like to give it a try. Users will also find help and support on the Trusted Computing Forum at [2].

[1] http://sourceforge.net/projects/tpmmanager/
[2] http://forum.emscb.org

amin.

Friday, July 6th, 2007 Linux, Resources, Trusted Computing No Comments

For SHAZ KHAN!

here are links…

http://www.linux.com/articles/59932

http://www.bastille-linux.org/

http://mimirsecure.blogspot.com/

http://www.osnews.com/subthread.php?news_id=15784&comment_id=160864

http://www.linux.com/articles/58789

plz read each link very closely…some details are very hidden…needs some effort…

will post more.

amin.

Friday, June 29th, 2007 Linux, Resources, SELinux 9 Comments

Loadable Policy Module

I have been through the architecture of loadable policy module. It's really nice. Now I am understanding how to handle it and write policies accordingly. I am going through the 2005 NSA technical document containing configuration of SELinux policies. I hope it helps.

Currently I need to know where the text form of the policy lies, if any? And if it isn’t there how do I make one? Per package or per module is easy and I know it, but what about base? Then how do I make a policy for corenetwork? And I am not getting any messages in permissive mode! There is a solution but this should be by default!

Mr. MMA what do u suggest?

Friday, June 22nd, 2007 Linux, SELinux 6 Comments

Slim, EVM and TPM (3.2.0)

Follow this link for a simple idea. Further it has a link to the IBM research page. This link mentions an old study but this page will be updated.

Let me know what you ppl think of it. It is a more updated approach than IMA. And it is a loadable userspace module! Mr. MMA will like it.

Sir Mr. MMA I am waiting for your comments regarding the IPSec article by Joshua.

Saturday, June 2nd, 2007 Linux, Trusted Computing 7 Comments

Core 7

Congratulations! Fedora Core 7 has been released.

Mr. TAT plz put it on download tomorrow. I have some other things to download too. Maybe I’ll show up tomorrow.

Thursday, May 31st, 2007 Linux, News 2 Comments