Wednesday, August 29 • 2:00pm - 2:45pm
CaitSith - a new type of rule based in-kernel access control - Tetsuo Handa, NTT


There have been various attempts to enforce rule-based access control in the Linux kernel. Many distributions nowadays enable some of the in-tree LSM modules. However, many people still disable these modules because they find them too complicated to use. Although the white-listing approach is more popular among security experts than the black-listing approach, the black-listing approach seems to be popular among those who are not security experts. This presentation proposes CaitSith, a new type of rule-based access control that mixes the capability model and the ACL model. The rules in CaitSith are similar to network firewall rules and allow a black-listing approach.

The expected audience is Linux users who disable in-tree LSM modules or are seeking a simpler form of in-kernel access control. Attendees will learn why CaitSith was developed and its basic usage.


Speakers

Tetsuo Handa, NTT

Tetsuo Handa is the main author of TOMOYO (one of the in-tree LSM modules), AKARI (a loadable kernel module version of TOMOYO) and CaitSith. He was involved in the area of in-kernel access control from April 2003 to March 2012 at NTT DATA CORPORATION, Japan. He has given talks and BoFs at several Linux-related international conferences and at PacSec 2008.


Wednesday August 29, 2012 2:00pm - 2:45pm
Harbor Island 3