Open Source Security
Welcome at » Explaining Linux Security
«
»

Explaining Linux Security

by George Wilson <gcwilson@us.ibm.com>, IBM Linux Technology Center

Operating system security features are notoriously difficult to explain. Folks who work on security have their own specialized vocabulary, which serves well to communicate concisely with other members of our community. However, it can be difficult to translate concepts into everyday language. Have you ever tried talking about SELinux to those who have never been exposed to MAC? You have to provide a large amount of background material simply to describe what SELinux is, let alone what interesting things can be done with it.

The LTC Security Development Team have developed a number of security features over the years. We’ve discussed them on mailing lists, written conference papers, and otherwise communicated our work to other technical folks. However, explaining the relevance of Linux security features to non-geeks remains a difficulty.

To help address the communications gap, the LTC Security Development Team in concert with the Information Development Team have created a customer-level Linux security brochure. In it, we discuss the various capabilities we have helped bring to Linux distros. Please take a look. It is available for download here: ftp://ftp.software.ibm.com/linux/pdfs/LTC/SecurityTeam.pdf, which BTW is one of the many resources available from the LTC Library here: http://www-03.ibm.com/linux/ltc/whitepapers.html.

Share and Enjoy:
  • Digg
  • del.icio.us
  • Reddit
  • Slashdot
  • StumbleUpon
  • Technorati

This entry was posted on Tuesday, April 14th, 2009 at 1:46 pm and is filed under Linux, Planet LTC, security. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.
Digg it | Bookmark at del.icio.us

4 Responses

  1. Posted on 14. April 2009 at 15:24 #comment-3624

    Doc Shankar




    The issue still is how can a user use MAC without knowing what it is! This is still the problem with SELinux. A majority of the folks attending the SELinux session last year at LWE said they had SELinux disbaled.

    They were looking for some kind of magic from IBM, which i didn’t have!

    Imagine if i had to know about electromagnetics, to use a microwave oven!

    We need an AppArmor type interface with a powerful engine like SELinux!

  2. Posted on 15. April 2009 at 10:41 #comment-3627

    Bob




    We all know there is only one use of the abbreviation MAC right? Media Access Control 8-) Um, tell me again why security is confusing for the beginner?

  3. Posted on 26. April 2009 at 22:47 #comment-3645



    [...] more here: Open Source Security » Blog Archive » Explaining Linux Security Posted in: [...]

  4. Posted on 13. August 2009 at 08:11 #comment-3765



    Perfect and to the point! Linux (actually any *nix) security has always been a bit of a dark art. There are documents (policies) that describe how to harden or minimize your attack footprint. Every IT organization needs to conform to some security policy. Examples are NIST 800-53, DISA Unix STIGs, Center for Internet Security, DCID 6/3, SANS LAMP and 20 Critical Security Controls and many more. As Doc mentioned, you shouldn’t need to understand the science in order to use it. Security should be easy—like turning a key or pushing a button—in order to use it.

    Security Blanket by Trusted Computer Solutions strives to be that button. The product is feature rich and easy to use. There is a free trial and the development staff has built a how-to blog at http://tcs-security-blanket.blogspot.com/ The product is available for z series computing.

Leave a Reply