Episode 5 - Linux Security, LSPP and MLS with George Wilson

 

George Wilson is interviewed about the Labeled Security Protection Profile and the Multi-Level Security projects on Linux.

 
icon for podpress  Standard Podcast [21:08m]: Play Now | Play in Popup | Download (548)
icon for podpress  Other Media [21:08m]: Download (126)

Additional Information

  • General Security Textbook that Describes MLS - Ross Anderson, Security Engineering: A Guide to Building Dependable Distributed Systems, Wiley, January 22, 2001, http://www.cl.cam.ac.uk/~rja14/book.html
  • Formal Multi-Level Security Definition - D. Elliott Bell and Leonard J. La Padula, Secure Computer Systems: Unified Exposition and MULTICS Interpretation, Technical Report MTR-2997 Rev. 1, MITRE, 1976, http://csrc.nist.gov/publications/history/bell76.pdf
  • NSA Rational for Mandatory Access Control - Loscocco, Peter, et al., “The Inevitability of Failure: The Flawed Assumption of Security in Modern Computing Environments”, Proceedings of the 21st National Information Systems Security Conference, October 1998, http://www.nsa.gov/selinux/papers/inevitability/
  • SE Linux Textbook - Mayer, Frank, et al., SELinux by Example, Prentice Hall, July 2007, http://www.tresys.com/selinux/selinux-book.html
  • Common Criteria Validated Product Lists
    • Bundesamt für Sicherheit in der Informationstechnik, Zertifizierungsreporte,Website, http://www.bsi.bund.de/zertifiz/zert/report.htm
    • National Information Assurance Partnership, Validated Products List, Website, http://www.niap-ccevs.org/cc-scheme/vpl/
  • Common Criteria Protection Profiles
    • National Institute for Standards and Technology, Role Based Access Control Protection Profile, Version 1.0, July 1998, http://niap-ccevs.org/cc-scheme/pp/archived/pp_rbac_v1.0.pdf
    • National Security Agency, Controlled Access Protection Profile, Version 1.d, October 1999, http://www.commoncriteriaportal.org/public/files/ppfiles/capp.pdf
    • National Security Agency, Labeled Security Protection Profile, Version 1.b, October 1999, http://www.commoncriteriaportal.org/public/files/ppfiles/lspp.pdf
  • NSA Security Enhanced Linux Website - http://www.nsa.gov/selinux/
  • RHEL 5 LSPP FTP Site - ftp://ftp.redhat.com/pub/redhat/linux/eal/EAL4_RHEL5/IBM/
  • RHEL 5 LSPP Evaluated Configuration Guide - IBM, LSPP EAL4 Evaluated Configuration Guide for Red Hat Enterprise Linux on IBM hardware, May 2007, Website, http://download.boulder.ibm.com/ibmdl/pub/software/dw/linux/RHEL-LSPP-EAL4-IBM-Configuration-Guide.pdf

No Comments »

Leave a comment

You must be logged in to post a comment.