Paper for the International Linux Kongress 2001
December 3, 2001
RSBAC was designed according to the Generalized Framework for Access Control (GFAC) to overcome the deficiencies of access control in standard Linux systems, and to make a flexible combination of security models as well as proper access logging possible.
Access control is devided into enforcement, decision and data structures, and all access modes are grouped into abstract request types. Also, the controlled object types include interprocess communication as well as devices (not only device special files).
The abstraction makes the framework and the existing model implementations easily portable to other operation systems.
Among the nine access control models, which are currently included, are well known ones, like MAC/Bell-LaPadula, as well as new models, which have been specially designed for *nix server needs. Specially, the complex and powerful Role Compatibility model and the Access Control Lists model provide fine grained control over all objects in the system, while the Authorization model easily controls user IDs used by all programs.
Installation requires a kernel patch, RSBAC configuration and a recompile. The complete set of administration tools contains a range of menues for most tasks.
Practical experience shows the system to be fast and stable for production use, what is one reason for its growing acceptance. There are already two Linux distributions with RSBAC included and a lot of server systems running it.
In the next major release 1.2.0, real network access control will be provided and the whole access control data handling subsystem will have been changed and optimized.