H O Sai Varshith, Jaideep Vaidya, Shamik Sural, Vijayalakshmi Atluri
{"title":"在Linux内核中启用基于属性的访问控制。","authors":"H O Sai Varshith, Jaideep Vaidya, Shamik Sural, Vijayalakshmi Atluri","doi":"10.1145/3488932.3527293","DOIUrl":null,"url":null,"abstract":"<p><p>Linux has built-in security features based on discretionary access control that can be enhanced using the Linux Security Module (LSM) framework. However, so far there has been no reported work on strengthening Linux with Attribute-Based Access Control (ABAC), which is gaining in popularity in recent years due to its flexibility and dynamic nature. In this paper, a method for enabling ABAC for Linux file system objects using LSM is proposed. We report initial experimental results and also share our public repository links for integrating ABAC in any Linux installation.</p>","PeriodicalId":72308,"journal":{"name":"Asia CCS '22 : proceedings of the 2022 ACM Asia Conference on Computer and Communications Security : May 30-June 3, 2022, Nagasaki, Japan. ACM Asia Conference on Computer and Communications Security (17th : 2022 : Nagasaki-shi, Japan ; ...","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2022-05-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.ncbi.nlm.nih.gov/pmc/articles/PMC9825047/pdf/nihms-1854493.pdf","citationCount":"0","resultStr":"{\"title\":\"Enabling Attribute-Based Access Control in Linux Kernel.\",\"authors\":\"H O Sai Varshith, Jaideep Vaidya, Shamik Sural, Vijayalakshmi Atluri\",\"doi\":\"10.1145/3488932.3527293\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<p><p>Linux has built-in security features based on discretionary access control that can be enhanced using the Linux Security Module (LSM) framework. However, so far there has been no reported work on strengthening Linux with Attribute-Based Access Control (ABAC), which is gaining in popularity in recent years due to its flexibility and dynamic nature. In this paper, a method for enabling ABAC for Linux file system objects using LSM is proposed. We report initial experimental results and also share our public repository links for integrating ABAC in any Linux installation.</p>\",\"PeriodicalId\":72308,\"journal\":{\"name\":\"Asia CCS '22 : proceedings of the 2022 ACM Asia Conference on Computer and Communications Security : May 30-June 3, 2022, Nagasaki, Japan. ACM Asia Conference on Computer and Communications Security (17th : 2022 : Nagasaki-shi, Japan ; ...\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2022-05-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"https://www.ncbi.nlm.nih.gov/pmc/articles/PMC9825047/pdf/nihms-1854493.pdf\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Asia CCS '22 : proceedings of the 2022 ACM Asia Conference on Computer and Communications Security : May 30-June 3, 2022, Nagasaki, Japan. ACM Asia Conference on Computer and Communications Security (17th : 2022 : Nagasaki-shi, Japan ; ...\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3488932.3527293\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Asia CCS '22 : proceedings of the 2022 ACM Asia Conference on Computer and Communications Security : May 30-June 3, 2022, Nagasaki, Japan. ACM Asia Conference on Computer and Communications Security (17th : 2022 : Nagasaki-shi, Japan ; ...","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3488932.3527293","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Enabling Attribute-Based Access Control in Linux Kernel.
Linux has built-in security features based on discretionary access control that can be enhanced using the Linux Security Module (LSM) framework. However, so far there has been no reported work on strengthening Linux with Attribute-Based Access Control (ABAC), which is gaining in popularity in recent years due to its flexibility and dynamic nature. In this paper, a method for enabling ABAC for Linux file system objects using LSM is proposed. We report initial experimental results and also share our public repository links for integrating ABAC in any Linux installation.