Re: [I2nsf] Can the Flux Advanced Security Kernel described by draft-ietf-nfsv4-lfs-registry-02 be used for I2NSF?
Dave Quigley <dpquigl@davequigley.com> Wed, 18 February 2015 00:33 UTC
Return-Path: <dpquigl@davequigley.com>
X-Original-To: i2nsf@ietfa.amsl.com
Delivered-To: i2nsf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 732A81A88E3 for <i2nsf@ietfa.amsl.com>; Tue, 17 Feb 2015 16:33:46 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TPNckhABWvlP for <i2nsf@ietfa.amsl.com>; Tue, 17 Feb 2015 16:33:44 -0800 (PST)
Received: from countercultured.net (countercultured.net [IPv6:2001:470:0:c0d3::2]) by ietfa.amsl.com (Postfix) with SMTP id 836D31A88F3 for <i2nsf@ietf.org>; Tue, 17 Feb 2015 16:33:38 -0800 (PST)
Received: (qmail 26360 invoked from network); 18 Feb 2015 00:33:34 -0000
Received: from localhost (nobody@127.0.0.1) by countercultured.net with ESMTPA; 18 Feb 2015 00:33:34 -0000
Message-ID: <54E3DDE0.9010807@davequigley.com>
Date: Tue, 17 Feb 2015 19:33:36 -0500
From: Dave Quigley <dpquigl@davequigley.com>
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:31.0) Gecko/20100101 Thunderbird/31.4.0
MIME-Version: 1.0
To: Linda Dunbar <linda.dunbar@huawei.com>, "Romascanu, Dan (Dan)" <dromasca@avaya.com>, "ops-dir@ietf.org" <ops-dir@ietf.org>
References: <9904FB1B0159DA42B0B887B7FA8119CA5C9977A3@AZ-FFEXMB04.global.avaya.com> <4A95BA014132FF49AE685FAB4B9F17F645EDB541@dfweml701-chm>
In-Reply-To: <4A95BA014132FF49AE685FAB4B9F17F645EDB541@dfweml701-chm>
Content-Type: text/plain; charset="windows-1252"; format="flowed"
Content-Transfer-Encoding: 8bit
Archived-At: <http://mailarchive.ietf.org/arch/msg/i2nsf/KuAVIvWdRuF9s5BYcuusMzj4azg>
X-Mailman-Approved-At: Wed, 18 Feb 2015 08:01:18 -0800
Cc: "i2nsf@ietf.org" <i2nsf@ietf.org>, dpquigl@tycho.nsa.gov, "draft-ietf-nfsv4-lfs-registry.all@tools.ietf.org" <draft-ietf-nfsv4-lfs-registry.all@tools.ietf.org>
Subject: Re: [I2nsf] Can the Flux Advanced Security Kernel described by draft-ietf-nfsv4-lfs-registry-02 be used for I2NSF?
X-BeenThere: i2nsf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "*I2NSF: Interface to Network Security Functions mailing list*" <i2nsf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/i2nsf>, <mailto:i2nsf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/i2nsf/>
List-Post: <mailto:i2nsf@ietf.org>
List-Help: <mailto:i2nsf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/i2nsf>, <mailto:i2nsf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 18 Feb 2015 00:33:46 -0000
On 2/17/2015 6:57 PM, Linda Dunbar wrote: > David, Jarrett, and Thomas, > > I2NSF is to specify a mechanism for clients to communicate their > specific “Flow Based security policies” (request/monitor/report) to a > system, and map these security policies to the security functions > present in security devices in that system.(see charter > http://www.ietf.org/mail-archive/web/i2nsf/current/msg00281.html) > > draft-ietf-nfsv4-lfs-registry-02 describes “The Flux Advanced Security > Kernel (FLASK) [FLASK99]” as an implementation of an architecture to > provide flexible support for security policies. Section 2.1 of > [FLASK99b], summarizes the architecture of FLASK to: > > 1. describe the interactions between a subsystem which enforces > > security policy decisions and a subsystem which makes those > > decisions > > 2. the requirements on the components within each subsystem. > > Question to you: do you think if FLASK can be extended for I2NSF purpose? > > Thanks, Linda > When I get to work tomorrow I'll read over the I2NSF protocol spec and give you an answer. The FLASK security labels are better known by their more common name of SELinux labels. If you look at SELinux it will give you a better idea than flask. SELinux doesn't specify flows explicitly but you can analyze the policy to detect the information flows. SELinux's main security model is type enforcement. In this model every subject and object are given a label and then rules are defined how they interact. I'll look over I2NSF tomorrow and see if the FLASK model (Which SELinux is based on) could be adapted for other methods. The main takeaway from FLASK was that until that point trusted systems hardcoded the mechanism and policy for their security models into the OS itself. With FLASK the idea was to separate the policy from the mechanism so that multiple models could be supported rather than MLS which was almost always what was encoded. You should see a reply tomorrow from my work email address but the name should be the same. Dave
- [I2nsf] Can the Flux Advanced Security Kernel des… Linda Dunbar
- Re: [I2nsf] Can the Flux Advanced Security Kernel… Dave Quigley