Change search
ReferencesLink to record
Permanent link

Direct link
Evaluation of Linux Security Frameworks
Umeå University, Faculty of Science and Technology, Department of Computing Science.
2010 (English)Independent thesis Advanced level (degree of Master (Two Years)), 20 credits / 30 HE creditsStudent thesis
Abstract [en]


The number of threats to computers attached to networks continually increases. The focus of preventing security exploits has been on the network, while local exploits has been mostly overlooked. Many security problems in Unix systems stem from the way security is managed; by delegating all security decisions to object owners. There are a number of security frameworks which aim to remedy this in Linux by restricting access to kernel objects, such as files. Ericsson is interested in finding the best possible security frameworks for use with their Linux products.In this thesis, the available security frameworks are evaluated based on criteria given by Ericson. First, the theoretical foundation of computer security is explored to serve for an overview of the security frameworks and their properties. Then specific attributes are refined and their values gathered from each framework. These attributes then serve as a basis for selecting two frameworks for further testing.The selected frameworks are 

SELinux  and AppArmor, based on commerical support, ease of integration, and overall protection measures. Tables with the collected attributes are presented for comparison.The frameworks  TOMOYO and SMACK  should have been given more consideration. AppArmor is not useful for the server-centric environment used at Ericsson.

Place, publisher, year, edition, pages
UMNAD, 849
National Category
Computer Science
URN: urn:nbn:se:umu:diva-36664OAI: diva2:355498
Available from: 2010-10-07 Created: 2010-10-07 Last updated: 2010-10-07Bibliographically approved

Open Access in DiVA

fulltext(425 kB)846 downloads
File information
File name FULLTEXT01.pdfFile size 425 kBChecksum SHA-512
Type fulltextMimetype application/pdf

By organisation
Department of Computing Science
Computer Science

Search outside of DiVA

GoogleGoogle Scholar
Total: 846 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

Total: 1156 hits
ReferencesLink to record
Permanent link

Direct link