SELinux at Heart of New Hacker-Resistant Infrastructure

61

A group of technology vendors at last week’s GEOINT 2015 conference demonstrated a data infrastructure they claim could stop hackers in their tracks.

The Multilevel Secure System (MLS) combines technology and services from Lockheed Martin, Seagate, Red Hat, SGI, Cray, Bay Microsystems, Mellanox, Vion, Altair, Crunchy and Splunk.

The ecosystem is based on Security-Enhanced Linux (SELinux), but it adds role-based access control with a policy for each role, so no one can get to the system root and the root can’t see user data. All access is logged, so any attempts to penetrate the system can be traced. Policies are based on roles such as security admin, audit admin and sysadmin, and each file is tagged with a security level so some users can see it while others can’t.

Read more at eSecurityPlanet.