National Security Agency

Latest Content From National Security Agency

Whitepaper: Integrating Flexible Support for Security Policies Into the Linux Operating System

by National Security AgencyJan 01, 2008

End systems must be able to enforce the separation information based on confidentiality and integrity requirements to provide system security. The protection mechanisms of current mainstream operating systems are inadequate to support confidentiality and integrity requirements for end systems. Mandatory Access Control (MAC) is needed to address such requirements, but the limitations of traditional MAC have inhibited its adoption into mainstream operating systems. This paper describes the security architecture, security mechanisms, application programming interface, security policy configuration, and performance of SELinux.