Publication: Design and Development of an Agent Based Centralized Tool for Analyzing and Managing Security Enhanced Linux Policies
Type: Thesis
Date: 2021
Abstract
Security-Enhanced Linux (SELinux) provides an extensible Mandatory Access
Control (MAC) system built into the Linux kernel. Under Linux's default
Discretionary Access Control (DAC), an application or process that runs as a
user (UID or SUID) has that user's authority to access objects such as files,
sockets and other processes. SELinux prescribes the access and transition
privileges of each user, application, process and file on the system, and
governs the interactions of these elements using a security policy that
determines how strict or lenient a given Red Hat Enterprise Linux installation
ought to be.
However, constraints such as poor usability, overly complicated policies and a
convoluted policy description language limit the implementation of SELinux
policies in the IT industry. As a result, little research is available on
UI-based policy management tools, and the existing work has limitations such as
the inability to manage a host or server remotely, manual documentation, and
the inability to monitor systems automatically from a dashboard.
To overcome this research gap and these problems, this research will implement
a system using WebSocket technology, which provides full-duplex communication
over a single TCP connection. The system consists of a WebSocket agent, which
can be installed on server endpoints and can change SELinux policies; a
WebSocket server, which communicates live with the agent to perform policy
changes; a UI component for managing policies through a user interface; and a
database component that stores policy details.
