Chris Evans <chrisat_private>: > On Wed, 16 May 2001, Jesse Pollard wrote: > > > > /etc/very/secret open. I'd like to be able to support tcp connect/accept > > > and udp send/recv to/from host:port via device (howz that for non-sense? ;-) > > > > Nope - very reasonable. It calls for IPSec layers on TCP, and CIPSO like > > identification as well. The packet filter firewall rules appear to be acting > > in the place of IPSec. > > > > I would like even more integration.... > > > > local user (running secret on host W) attempts to connect to host X. > > > > 1. capability test locally determines that user is allowed network access... > > > > 2. MLS combines access request with security label (secret) and passed to > > IPSec. > > > > 3. IPSec security association (SA) determines that encryptions of session > > (or packet) is mandatory - policy decision between the local facility > > and the remote facility containing X (and the requirements of the local > > security label and encryption negotiation between W and X...). > > If Linux had the capability to set up virtual encrypted network interfaces > (cipe?), why not simply > - label cipe0 as a device providing cryptographic transfers > - label your sensitive files as requiring a cryptographic transfer > => try and send over eth0 => EPERM 1. The number of connections is unknown and encryption negotiation needs to be handled (it can also be optional depending on the destination) 2. The data being exchanged may not be a file (database server composite retrieval, or results of computation) 3. Some data being exchanged would not require encryption between the same two hosts. 4. Must not be bypassed by the user. 5. Also need audit trail. 6. Simpler administration (only need some static SA entries, user IDs, and security labels defined between local facility agreements and the remote facility). 7. Some users would not be allowed to use the network (no external socket/bind allowed ...) I realize this is extreme, but I've been asked for this level before (and on other OS types too) ------------------------------------------------------------------------- Jesse I Pollard, II Email: pollardat_private Any opinions expressed are solely my own. _______________________________________________ linux-security-module mailing list linux-security-moduleat_private http://mail.wirex.com/mailman/listinfo/linux-security-module
This archive was generated by hypermail 2b30 : Thu May 17 2001 - 07:11:32 PDT