Security-Enhanced Linux (SELinux) Tutorial, 4pm Fri 4/1 UMBC

Security-Enhanced Linux (SELinux) is a Linux feature that provides a mechanism for supporting access control security policies that help secure a computer running it against many kinds of attacks.

UMBC Linux Users Group

SELinux Talk and Tutorial

David Quigley
Advanced Engineering & Development, Keyw Corporation

4:00pm Friday, 1 April 2011
Room 229 ITE, UMBC

Over a decade ago researchers at the National Information Assurance Research Lab at the NSA identified a need for flexible mandatory access controls to help provide a solid foundation for secure systems. This resulted in the development of the FLASK architecture, which has seen implementation in a number of operating systems. The most prominent implementation of FLASK is in the form of SELinux. Since the early days of SELinux adoption much work as been done to improve the utility and usability of SELinux. These enhancement have turned SELinux from a prototype research implementation into a robust access control mechanism that is used by a variety of customers world wide.

This talk is a from the ground up journey through SELinux. It starts with why do we need this technology and then moves through where to obtain it, how it works, and how to identify and solve problems associated with SELinux. In addition to these basics the talk also covers slightly more advanced topics such as hot to construct policy for new applications and hot to address customizations particular to your deployments.

David Quigley started his career as a Computer Systems Researcher for the National Information Assurance Research Lab at the NSA where he worked as a member of the SELinux team but has since left that position. David leads the design and implementation efforts to provide Labeled-NFS support for SELinux. David has previously contributed to the open source community through maintaining the Unionfs 1.0 code base and through code contributions to various other projects. David has presented at conferences such as the Ottawa Linux Symposium, the StorageSS workshop, LinuxCon and several local Linux User Group meetings where presentation topics have included storage, file systems, and security. David currently works as a Computer Science Professional for the Advanced Engineering and Development division at Keyw Corporation.

This talk is sponsored by the UMBC Linux Users' Group.

· directions · talks · events ·


by

Tags: