GreenYes Archives
[GreenYes Home] - [Thread Index] - [Date Index]
[Date Prev] - [Date Next] - [Thread Prev] - [Thread Next]

[GreenYes] Linux Hackers with govt. help
Sorry, I know the forum is about recycling but I think this is important too. What the hech, the govt. is helping out .----Bruce

                                                               NSA PRESS RELEASE
                                                                     2 January 2001
                                                      For further information, contact:
                                                    NSA Public Affairs, (301) 688-6524


                               NATIONAL SECURITY AGENCY SHARES
                                SECURITY ENHANCEMENTS TO LINUX                     Recognizing the critical role of operating system security mechanisms in
supporting security for critical and sensitive applications, National Security
Agency (NSA) researchers have been investigating an operating system
architecture that can provide the necessary security functionality in a
manner that can meet the security needs of a wide range of computing
environments. The NSA is pleased to announce that it has developed, and
is making available to the public, a prototype version of a
security-enhanced Linux system. The prototype includes enhancements to
Linux that provide new, stronger protection against tampering and
bypassing of application security mechanisms and greater limits on the
damage that can be caused by malicious or flawed applications.

   The security mechanisms implemented in the system provide flexible
support for a wide range of security policies. The currently implemented
access controls are a combination of type enforcement and role-based
access control. The specific policy enforced by the kernel is dictated by
security policy configuration files which include type enforcement and
role-based access control components. This release includes a set of
sample security policy configuration files designed to meet common,
general-purpose security goals.

    Both the President's National Coordinator for Security, Infrastructure
Protection, and Counter-Terrorism and the President's Information
Technology Advisory Committee have recently called for increasing the
federal government's role as both user and contributor to open source
software. "Open source software plays an increasingly important role in
federal IT systems. I'm delighted the NSA's security experts are making
this valuable contribution to the open source community," said Jeffery
Hunker, Senior Director for Critical Infrastructure at the White House
National Security Council.

   Since this system is a prototype, there is still much work to be done to
develop a complete security solution. Anyone interested in experimenting
with the system or getting more information about it, should visit the
project web site at http://www.nsa.gov/selinux. This site contains the
source to the system as well as some technical documentation about it.

   NSA is presenting this system under the terms of the GNU General
Public License with the intention to work with the Linux community to
refine these enhancements for eventual inclusion into Linux. The system is
not intended to be a complete security solution for Linux, nor does it
correct any flaws that may currently exist in Linux.

  The Information Assurance Research Office of the NSA is responsible for
conducting research and advance development of technologies needed to
enable the NSA to provide the Solutions, Products, and Services to
achieve Information Assurance for information infrastructures critical to
U.S. National Security interests. The security-enhanced Linux prototype
was developed in conjunction with research partners from NAI Labs,
Secure Computing Corporation (SCC), and MITRE Corporation. Researchers
at the NSA implemented the security architecture in the major subsystems
of the Linux kernel with some refinements provided by NAI Labs. SCC,
MITRE, and NAI Labs also assisted the NSA in developing application
security policies and enhanced utilities for the system.



Get 250 color business cards for FREE! at Lycos Mail
http://mail.lycos.com/freemail/vistaprint_index.html





[GreenYes Home] - [Date Index] - [Thread Index]
[Date Prev] - [Date Next] - [Thread Prev] - [Thread Next]