Work in Progress: RASS Framework for a Cluster-Aware SELinux

Author

Darivemula, Arpan ; Leangsuksun, C.B. ; Tikotekar, Anand ; Pourzandi, Makan

Author_Institution

Louisiana Tech. Univ., Ruston, LA

Volume

2

fYear

2006

fDate

16-19 May 2006

Firstpage

29

Lastpage

29

Abstract

Cluster computing has certainly evolved from a luxury affordable to few, to an ever increasing necessity. The growing deployments of clusters to solve critical and computationally intensive problems imply that survivability is a key requirement through which the systems must possess Reliability, Availability, Serviceability and Security (RASS) together. In this paper, we conduct a feasibility study on SELinux and the existing cluster-aware RASS framework by C.B. Leangsuksun et al. (2005). We start by understanding a semantic mapping from cluster-wide security policy to individual nodes´ mandatory access control (MAC). Through our existing RASS framework, we then construct an experimental cluster-aware SELinux system. Finally, we demonstrate feasibility of mapping distributed security policy (DSP) to SELinux equivalences and the cohesiveness of cluster enforcements, which, we believe, leads to a layered technique and thus becomes highly survivable

Keywords

Linux; authorisation; workstation clusters; RASS framework; Reliability, Availability, Serviceability and Security; cluster computing; cluster-aware SELinux; cluster-wide security policy; distributed security policy; mandatory access control; semantic mapping; Access control; Availability; Computer architecture; Computer security; Digital signal processing; Information security; Kernel; Open systems; Power system security; Robustness;

fLanguage

English

Publisher

ieee

Conference_Titel

Cluster Computing and the Grid, 2006. CCGRID 06. Sixth IEEE International Symposium on

Conference_Location

Singapore

Print_ISBN

0-7695-2585-7

Type

conf

DOI

10.1109/CCGRID.2006.1630924

Filename

1630924