Re: [RFC][PATCH] EVM and SLIM LSM modules

From: Nick Petroni (npetroni@private)
Date: Tue Oct 18 2005 - 07:17:30 PDT


FYI,

>> A better description of what exactly you mean here (like what's LOMAC?)

LOMAC is an implementation of Biba's Low Water-Mark model by Tim Fraser.

>From http://www.nsa.gov/selinux/papers/freenix01/node19.html:

"The LOMAC [13] project has implemented a form of mandatory access
control based on the Low Water-Mark model in a Linux loadable kernel
module. LOMAC was not designed to provide flexibility in its support for
security policies; instead, it focuses on providing useful integrity
protection without any site-specific configuration, regardless of the
software and users present on a system. It should be possible to implement
the Low Water-Mark model in SELinux as a particular policy module."


[13] http://opensource.nailabs.com/lomac/docs/lomac-sp00.pdf

Project at: http://opensource.nailabs.com/lomac/

FREENIX paper at : http://opensource.nailabs.com/lomac/docs/lomac-freenix01.pdf

Best,
nick

Nick L. Petroni, Jr.
Graduate Student, Computer Science
Maryland Information Systems Security Lab
University of Maryland
http://www.cs.umd.edu/~npetroni



This archive was generated by hypermail 2.1.3 : Tue Oct 18 2005 - 07:18:15 PDT