SELinux

SELinux is a strong and flexible Mandatory Access Control (MAC) framework for Linux. It is based on ten years research on secure operating systems by the NSA, and integrated into the Linux kernel via the Linux Security Modules API.

SELinux makes it virtually impossible for unauthorized users or programs to take control over processes, files or hardware, thereby preventing unauthorized access to important information.

All security relevant accesses between subjects and objects are strictly controlled according to a dynamically loaded mandatory security policy. Clean separation of enforcing mechanism and security policy provides considerable flexibility in the implementation of security goals for the system, while fine granularity of control ensures complete mediation.

Security Models

Any number of different security models may be combined by SELinux, with their complete effect being fully analysable. The default SELinux implementation is currently composed of the following security models:

  • Type Enforcement (TE)
  • Role Based Access Control (RBAC)
  • Identity Based Access Control (IBAC)
  • Multi Level Security (MLS)

These complement the standard Linux Discretionary Access Control (DAC) scheme.

Our Offers

Oribium provides SELinux solutions for any organization's computer infrastructure to prevent exploitation by all forms of malicious code, to ensure system integrity and that data is processed as required.

Our offers include:

  • Development and implementation of SELinux security policies
  • Hosting various types of Internet applications on SELinux servers, for example web and mail servers
  • Managing secure SELinux servers for a broad range of applications

Our offers include:

  • Development and implementation of SELinux security policies
  • Hosting various types of Internet applications on SELinux servers
  • Managing secure SELinux servers for a broad range of applications