Development of Agent-Based Centralized Tool For Analyzing and Managing Security-Enhanced Linux Policies using WebSocket Protocol

Abstract

The SELinux facilitates and includes an extensible "MAC" structure built within the Linux kernel. An application or a process life cycle that runs as a user has the specific authority to access objects such as files, sockets, and other processes with Linux’s default Discretionary Access Control (DAC). SELinux prescribes the access and the progress privileges of each user, application, process, and the files on the system and administers the communications of these elements utilizing a security strategy that determines how severe or indulgent a given Red Hat Enterprise Linux establishment ought to be. However, its constraints such as, not being user-friendly, having too complicated policies, and complex policy description language, are limiting the implementation of SELinux policies in the Information Technology industry. As a result, there is only a little research available on User Interface-based policy management tools. Even those researches have limitations such as the inability to remotely manage a host/server, manual documentation, and the inability to monitor the systems automatically from a dashboard. In order to overcome said research gap and problems, this research will implement a system using a web-socket technology that facilitates the ability to converse in full-duplex through just one TCP connection. This system is included with a web socket-agent, which can be installed in server endpoints and can change SELinux policies, a web-socket server: which can do live communication with the agent to perform policy changes along with the UI component: to manage policies using the user interface and a database component to store policy details.