Rule-set-based access control (RSBAC) is an open source
access control
In the fields of physical security and information security, access control (AC) is the selective restriction of access to a place or other resource, while access management describes the process. The act of ''accessing'' may mean consuming ...
framework for current
Linux kernel
The Linux kernel is a free and open-source, monolithic, modular, multitasking, Unix-like operating system kernel. It was originally authored in 1991 by Linus Torvalds for his i386-based PC, and it was soon adopted as the kernel for the GNU ope ...
s, which has been in stable production use since January 2000 (version 1.0.9a).
Features
* Free open source GNU General Public License (
GPL
The GNU General Public License (GNU GPL or simply GPL) is a series of widely used free software licenses that guarantee end users the four freedoms to run, study, share, and modify the software. The license was the first copyleft for general us ...
) Linux kernel security extension
* Independent of governments and big companies
* Several well-known and new security models, e.g. mandatory access control (
MAC), access control list (
ACL), and role compatibility (RC)
* On-access virus scanning with Dazuko interface
* Detailed control over individual user and program network accesses
* Fully
access controlled kernel level user management
* Any combination of security models possible
* Easily extensible: write your own model for runtime registration
* Support for latest kernels
* Stable for production use
* Easily portable to other operating systems
The RSBAC system architecture has been derived and extended from the Generalized Framework for Access Control (
GFAC) by Marshall Abrams and Leonard La Padula.
RSBAC means "ruleset based access control" and is also a role-based access control (
RBAC
In computer systems security, role-based access control (RBAC) or role-based security is an approach to restricting system access to authorized users. It is an approach to implement mandatory access control (MAC) or discretionary access control ( ...
) solution. The two acronyms can cause confusion.
In his essay "Rule Set Modeling of a Trusted Computer System",
Leonard LaPadula describes how the Generalized Framework for Access Control (GFAC) approach could be implemented in the
UNIX System V
Unix System V (pronounced: "System Five") is one of the first commercial versions of the Unix operating system. It was originally developed by AT&T and first released in 1983. Four major versions of System V were released, numbered 1, 2, 3, an ...
operating system. He introduced the clear separation between Access Enforcement Facility (AEF), Access Decision Facility (ADF) with Access Control Rules (ACR), and Access Control Information (ACI).
The AEF as part of the system call function calls the ADF, which uses ACI and the rules to return a decision and a set of new ACI attribute values. The decision is then enforced by the AEF, which also sets the new attribute values and, in case of allowed access, provides object access to the subject.
This structure requires all security relevant system calls to be extended by AEF interception, and it needs a well-defined interface between AEF and ADF. For better modeling, a set of request types was used in which all system call functionalities were to be expressed. The general structure of the GFAC has also been included in the ISO standard 10181-3 Security frameworks for open systems: Access control framework and into
The Open Group
The Open Group is a global consortium that seeks to "enable the achievement of business objectives" by developing "open, vendor-neutral technology standards and certifications." It has over 840 member organizations and provides a number of servi ...
standard Authorization (AZN) API.
The first RSBAC prototype followed La Padula's suggestions and implemented some access control policies briefly described there, namely mandatory access control (
MAC), functional control (FC) and Security Information Modification (SIM), as well as the Privacy Model by
Simone Fischer-Hübner.
Many aspects of the system have changed a lot since then, e.g. the current framework supports more object types, includes generic list management and network access control, contains several additional security models, and supports runtime registration of decision modules and system calls for their administration.
RSBAC and other solutions
RSBAC is very close to Security-Enhanced Linux (
SELinux
Security-Enhanced Linux (SELinux) is a Linux kernel security module that provides a mechanism for supporting access control security policies, including mandatory access controls (MAC).
SELinux is a set of kernel modifications and user-space t ...
), as they share a lot more in their design than other access controls such as
AppArmor
AppArmor ("Application Armor") is a Linux kernel security module that allows the system administrator to restrict programs' capabilities with per-program profiles. Profiles can allow capabilities like network access, raw socket access, and the ...
.
However, RSBAC brings its own hooking code instead of relying on the Linux Security Module (
LSM
In molecular biology, LSm proteins are a family of RNA-binding proteins found in virtually every cellular organism. LSm is a contraction of 'like Sm', because the first identified members of the LSm protein family were the Sm proteins. LSm pro ...
). Due to this, RSBAC is technically a replacement for LSM itself, and implement modules that are similar to SELinux, but with additional functionality.
The RSBAC framework incorporates complete object status and has a full knowledge of the kernel state when making decisions, making it more flexible and reliable. However, this comes at the cost of slightly higher overhead in the framework itself. Although SELinux- and RSBAC-enabled systems have similar impact on performance, LSM impact alone is negligible compared to the RSBAC framework alone.
For this reason, LSM has been selected as default and unique security-hooking mechanism in the Linux kernel, RSBAC coming as a separate patch only.
History
RSBAC was the first Linux role-based access control (
RBAC
In computer systems security, role-based access control (RBAC) or role-based security is an approach to restricting system access to authorized users. It is an approach to implement mandatory access control (MAC) or discretionary access control ( ...
) and mandatory access control (
MAC) patch.
See also
External links
RSBAC homepageLeonard LaPadula's essay on GFACGentoo Wiki Access Control Comparison Table
{{DEFAULTSORT:Rsbac
Operating system security
Linux security software
Linux kernel features
Access control