Chavez Lugo, Pedro , Flores, Juan J. , Garcia Garcia, Juan Manuel

No

Proceedings Of The 7th Wseas International Conference On Data Networks, Communications, Computers (dncoco '08): Recent Advances In Data Networks, Communications, Computers

Proceedings Paper

Científica

✗

✗

01/01/2008

000263631400023

Users and organizations seek to obtain from all operating system integrity, confidentiality and availability in both hardware and software resources. These characteristics must come coupled with easy handling and administration. An operating system designed under the criteria of the class A1, consists of a collection of security strengthening mechanisms for the kernel. SELinux is an example of this hype of operating system that supports several types of security policies applied to access control. In this article we address the problem of inconsistency in SELinux policies, which is present in distributed environments. To solve this problem we propose all architecture that integrates a policy: server for enabling a simple and secure administration. The policy server collects, integrates, and updates all policies that are applied in the distributed environment. We aim to achieve authenticity integrity and confidentiality in the policy update process through the Kerberos V protocol. We propose a redundant policy server We do not assure that the proposed architecture is bug free it is impossible to guarantee a completely secure system. Nonetheless, we consider it a viable solution for centralized management of SELinux policies.