Piotr Sasak



About speaker:
Piotr Sasak is assistant in the Institute of Computing Science of Poznan? University of Technology. He develops and teaches computer systems security subjects. As one of the first in Poland he has been preparing laboratory exercises with RSBAC project. In recognition of the high value of the work, their materials have been published on the RSBAC project website. The researchers work with security of computer systems, especially the security of operating systems, like RSBAC, SELinux, AppArmor. In near future they are planning to run test systems with both MAC projects in Linux. He also works with computer networks as network administrators and instructors. He is instructor of Cisco Networking Academy.

Mandatory Access control in Linux operating system.

Computer systems keep gaining a more and more important role in our everyday life. This enormous impact leads to the growth of requirements towards operating systems. Often, the key role for the security of the whole computer system is played by the low level software which manages all of the computer system components. Operating system is regarded as such software as it is the source of basic system functionality serving higher level user applications. Correctness of accomplishment of these basic functionalities as well as the lack of vulnerabilities are essential for operating system and user application security. Currently available operating systems were not designed with complex security mechanism in mind. The introduction of new functions to operating system had the highest priority. Those functionalities are important but security issues must also be taken into consideration. Mandatory access control systems are able to help to fulfill more complex computer security requirements. There are a few projects which aim to incorporate mandatory access control mechanism in Linux operating system.

This paper concentrates on two of them: SELinux project and RSBAC project.