Dissertation in Progress at Hamburg University
by Amon Ott

Supervision: Prof. Dr. Klaus Brunnstein, University of Hamburg, and Prof. Dr. Simone Fischer-Hübner, University of Karlstad


Current State

The book "Mandatory Rule Set Based Access Control in Linux" by Amon Ott (ISBN: 978-3-8322-6423-9) is published by Shaker Verlag.

Table of Contents

  1. Introduction
    1. Motivation
    2. Dissertation Goals
    3. Innovations
    4. Outline
  2. Background
    1. Perspective of Access Control Systems
    2. Basic Concepts
    3. Generalized Framework for Access Control (GFAC)
    4. Linux Capabilities
    5. Security Models
  3. Security Model Requirements
    1. Requirements
    2. Analysis of some existing Security Models
  4. Rule Set Based Access Control Framework
    1. From GFAC to the RSBAC Framework
    2. RSBAC Framework Structure
    3. Network Access Control with Templates
    4. Call Chain Examples
    5. Decision Modules (Rule Sets)
    6. Implementation
    7. Installation
    8. Administration
    9. Beyond GFAC
  5. Other Access Control Extensions
    1. Flask / Security Enhanced Linux (SELinux)
    2. Medusa DS9
    3. Linux Intrusion Detection System (LIDS)
  6. The Role Compatibility (RC) Model
    1. History
    2. Informal Description
    3. Specification
    4. Implementation
    5. Administration
    6. Implementation Testing
    7. Access Control Lists (ACL) Extension
    8. Authentication Enforcement (AUTH) Extension
    9. Analysis based on the Security Model Requirements
    10. Comparison with RBAC and DTE Models
  7. Usage Examples
    1. General Techniques
    2. Server Examples
    3. Benchmarks
  8. Outlook on a Distributed RSBAC Framework
    1. Replicated Individual Systems
    2. Fully Distributed Systems
  9. Analysis
  10. Conclusion