Difference between revisions of "SELinux models"

From SELinux Wiki
(Multi Level Security)
Line 12: Line 12:
  
  
The Role-based Access Control attribute is the second attribute in the Security context. This attribute is used to assign Security domains to SELinux User Identities. Role-Based Access Control is only applicable to processes. The SELinux Role attribute in Security contexts for files is generic.
+
The Role-based Access Control attribute is the second attribute in the Security context. This attribute is used to assign Security domains to SELinux User Identities. Role-Based Access Control is only applicable to processes. The SELinux Role attribute in Security contexts for objects is generic.
  
 
== Type Enforcement ==
 
== Type Enforcement ==
  
  
The Type Enforcement attribute is the third attribute in the Security context. This attribute is used to assign types to processes and files. These types can be used to define how processes and files can interact. Type transitions define whether types for processes and files can be changed.
+
The Type Enforcement attribute is the third attribute in the Security context. This attribute is used to assign types to processes and files. These types can be used to define how processes and objects can interact. Type transitions define whether types for processes and objects can be changed.
  
  
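Review bot: the Type Enforcement rewrite is inconsistent within itself: the second sentence now says "processes and objects" but the first still reads "assign types to processes and files", so the generalization from files to objects that the Role-Based Access Control paragraph also makes is only half applied; suggest "This attribute is used to assign types to processes and objects." so all three sentences use the same term.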
Line 27: Line 27:
  
  
The User-Based Access Control attribute is the first attribute in the Security context. User-Based Access Control is a optional extension to SELinux User Identities. The Security model is used to achieve SELinux User Identity seperation. Constraints in the security policy define how SELinux User Identities can interact with eachothers resources.  
+
The User-Based Access Control attribute is the first attribute in the Security context. User-Based Access Control is a optional extension to SELinux User Identities. The Security model is used to achieve SELinux User Identity separation. Constraints in the security policy define how SELinux User Identities can interact with each others resources.  
  
 
== Multi Level Security ==
 
== Multi Level Security ==
  
  
The Multi Level Security attributes are the fourth and fifth attributes in the Security context. These attributes are used to assign Security levels and Security compartments to processes and files to enforce confidentiality. Constraints in the security policy define how processes and files can interact. Processes are forced to operate on specified Security Levels and in specified Security Compartments. The Multi Level Security model enforces a "no read up and no write down" policy.  Multi Level Security and Multi Category Security are mutually exclusive.
+
The Multi Level Security attribute is the fourth attribute in the Security context. This attribute is used to assign Security levels and Security compartments to processes and files to enforce confidentiality. Constraints in the security policy define how processes and files can interact. Processes are forced to operate on specified Security Levels and in specified Security Compartments. The Multi Level Security model enforces a "no read up and no write down" policy.  Multi Level Security and Multi Category Security are mutually exclusive.
  
 
== Multi Category Security ==
 
== Multi Category Security ==
  
  
The Multi Category Security attributes are the fouth and fifth attributes in the Security context. These attributes are used to assign Security Categories to processes and files. The Security level attribute in Multi Category Security contexts is  generic. Constraints in the security policy define how processes and files can interact. Multi Category Security is a implementation of Multi Level Security where the use of assigned Security Categories is to the discretion of the user. Multi Category Security and Multi Level Security are mutually exclusive.
+
The Multi Category Security attribute is the fourth attribute in the Security context. This attribute is used to assign Security Categories to processes and objects. The Security level attribute in Multi Category Security contexts is  generic. Constraints in the security policy define how processes and files can interact. Multi Category Security is a implementation of Multi Level Security where the use of assigned Security Categories is to the discretion of the user. Multi Category Security and Multi Level Security are mutually exclusive.
  
 
--[[User:DominickGrift|DominickGrift]] 06:31, 2 July 2009 (PDT)
 
--[[User:DominickGrift|DominickGrift]] 06:31, 2 July 2009 (PDT)
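Review bot: the Multi Level Security and Multi Category Security rewrites collapse "fourth and fifth attributes" into a single "fourth attribute" (the level range), which is the right model, but they leave "processes and files" in the MLS paragraph and in the third sentence of the MCS paragraph while the MCS first sentence was changed to "objects"; the grammatical slips "a optional extension" and "a implementation of" also survive into the new text and should read "an optional extension" and "an implementation of".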

Revision as of 15:43, 2 July 2009

Introduction to SELinux security models and concepts

SELinux implements a security model that is a combination of SELinux user identities, Role-Based Access Control and Type Enforcement. Models that can optionally be implemented are User-Based Access Control, Multi Level Security or Multi Category Security. Each of these models has a Security attribute, and the combination of these Security attributes is called a Security context.

SELinux User Identities

The SELinux User Identity attribute is the first attribute in the Security context. This attribute is used to assign SELinux Roles and Security Level ranges, or Security Category ranges to Linux User Identities. SELinux User Identities are independent of the Linux User Identities. Constraints in the security policy define whether SELinux User Identities can be changed.

Role-Based Access Control

The Role-based Access Control attribute is the second attribute in the Security context. This attribute is used to assign Security domains to SELinux User Identities. Role-Based Access Control is only applicable to processes. The SELinux Role attribute in Security contexts for objects is generic.

Type Enforcement

The Type Enforcement attribute is the third attribute in the Security context. This attribute is used to assign types to processes and files. These types can be used to define how processes and objects can interact. Type transitions define whether types for processes and objects can be changed.

Optional models

User-Based Access Control

The User-Based Access Control attribute is the first attribute in the Security context. User-Based Access Control is an optional extension to SELinux User Identities. The Security model is used to achieve SELinux User Identity separation. Constraints in the security policy define how SELinux User Identities can interact with each other's resources.

Multi Level Security

The Multi Level Security attribute is the fourth attribute in the Security context. This attribute is used to assign Security levels and Security compartments to processes and files to enforce confidentiality. Constraints in the security policy define how processes and files can interact. Processes are forced to operate on specified Security Levels and in specified Security Compartments. The Multi Level Security model enforces a "no read up and no write down" policy. Multi Level Security and Multi Category Security are mutually exclusive.

Multi Category Security

The Multi Category Security attribute is the fourth attribute in the Security context. This attribute is used to assign Security Categories to processes and objects. The Security level attribute in Multi Category Security contexts is generic. Constraints in the security policy define how processes and files can interact. Multi Category Security is an implementation of Multi Level Security where the use of assigned Security Categories is at the discretion of the user. Multi Category Security and Multi Level Security are mutually exclusive.
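The following is an added example, not code from the SELinux wiki or the SELinux project: it parses the user:role:type:level-range context string the sections above describe, expands an MLS/MCS category list, and applies the "no read up and no write down" rule as a simplified Bell-LaPadula dominance check (not the reference policy's actual mlsconstrain rules). The contexts used in the tests are constructed for illustration.

```python
import re

# Level syntax: sensitivity "sN" with an optional category list "cA.cB,cC".
_LEVEL_RE = re.compile(r"^s(\d+)(?::(c\d+(?:\.c\d+)?(?:,c\d+(?:\.c\d+)?)*))?$")

def parse_categories(spec):
    """Expand a category list such as 'c0.c3,c7' into {0, 1, 2, 3, 7}."""
    cats = set()
    for part in (spec or "").split(","):
        if part:
            lo, _, hi = part.partition(".")
            cats.update(range(int(lo[1:]), int((hi or lo)[1:]) + 1))
    return cats

def parse_level(text):
    """'s1:c0.c3' -> (1, {0, 1, 2, 3}): sensitivity plus category set."""
    m = _LEVEL_RE.match(text)
    if not m:
        raise ValueError("malformed MLS/MCS level: %r" % text)
    return int(m.group(1)), parse_categories(m.group(2))

def parse_context(ctx):
    """Split user:role:type[:low[-high]]; the level range is absent when
    the policy has neither MLS nor MCS enabled."""
    fields = ctx.split(":", 3)
    if len(fields) < 3 or not all(fields[:3]):
        raise ValueError("malformed security context: %r" % ctx)
    low = high = None
    if len(fields) == 4:
        lo, _, hi = fields[3].partition("-")
        low = parse_level(lo)
        high = parse_level(hi) if hi else low
    return {"user": fields[0], "role": fields[1], "type": fields[2],
            "low": low, "high": high}

def dominates(a, b):
    """a dominates b: sensitivity >= and category set is a superset."""
    return a[0] >= b[0] and a[1] >= b[1]

def mls_allows(subject_ctx, object_ctx, access):
    """Simplified Bell-LaPadula check on the level attribute (illustration
    only, not the reference policy's mlsconstrain rules): no read up means
    the subject's current (low) level must dominate the object's; no write
    down means the object's level must dominate the subject's."""
    s = parse_context(subject_ctx)["low"]
    o = parse_context(object_ctx)["low"]
    if s is None or o is None:
        raise ValueError("both contexts need a level attribute")
    if access not in ("read", "write"):
        raise ValueError("access must be 'read' or 'write'")
    return dominates(s, o) if access == "read" else dominates(o, s)
```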

--DominickGrift 06:31, 2 July 2009 (PDT)