[Xen-devel] Re: [Xense-devel] Question about XSM-ACM XSM-FLASK differences

ACM and FLASK are security modules under the XSM framework. Only XSM-FLASK is based on the Flask architecture. Both modules implement type enforcement but differ in the granularity of the enforcement.

XSM-ACM(sHype) is described in the open literature,
http://domino.watson.ibm.com/library/cyberdig.nsf/papers/5FF6B8DE618BCF30852570230052518A/$File/rc23629.pdf
and
http://domino.watson.ibm.com/library/cyberdig.nsf/papers/265C8E3A6F95CA8D85256FA1005CBF0F/$File/rc23511.pdf

XSM-FLASK is based on the same security architecture (Flask) and goals as SELinux, which is described in the open literature,
http://www.nsa.gov/research/_files/selinux/papers/module.pdf
and
http://www.nsa.gov/research/_files/selinux/papers/slinux.pdf

The scope for XSM-FLASK is limited to Xen. The XSM-FLASK module implements a separate and distinct security server from SELinux. The subjects, objects, and permissions described in the XSM-FLASK policy are relevant only to Xen. There is no functional dependency between XSM-FLASK and SELinux guests. However, one uses the SELinux tools and policy grammar to construct and analyze XSM-FLASK policies.

In a system running an SELinux guest and an XSM-FLASK enabled hypervisor, there are two security servers. One security server is in the SELinux guest. The other security server is in the XSM-FLASK enabled hypervisor. Each security server is loaded with a policy that is relevant only to the SELinux guest or XSM-Flask enabled hypervisor, respectively.

Let me know if this doesn't answer your questions.

On 1/16/09 4:07 AM, "Atsushi SAKAI" <sakaia@xxxxxxxxxxxxxx> wrote:

> Hi,
>
> I have a question about the difference between XSM-ACM(sHype) and XSM-FLASK.
> These two are based on the Flask model.
> So I want to know the difference between these two.
>
> Is this only an implementation difference?
> (like a policy description format etc.)
>
> Or does any other difference exist?
>
> I think the XSM-FLASK policy format is the same as the SELinux one.
> But the Security Server is split between Linux/Xen.
> In this situation,
> XSM-ACM and XSM-FLASK look the same in a view from the Security Server.
>
> If this discussion has already been done,
> please suggest a pointer to me.
>
> Thanks
> Atsushi SAKAI

--
George S. Coker, II <gscoker@xxxxxxxxxxxxxx>