Efficiently Supporting Attribute-based Access Control in Linux

Linux is a widely used multi-user operating system with applications ranging from personal desktop to commercial heavy duty web servers. It has built-in security features based on discretionary access control enforced in the form of access control lists, which can be enhanced using the Linux Security Module (LSM) Framework. LSM allows inserting security verification hooks for supporting custom security policies. However, there is no support yet for Attribute-Based Access Control (ABAC) - an access control model gaining popularity due to its dynamic nature and flexibility. In ABAC, access is granted or denied based on attributes of the subject, object and environment. In this work, we propose a method for enhancing Linux's security features by integrating ABAC for file system objects using the LSM framework. We look at various kernel and user space components and how they can be made to work together to enforce ABAC policies. Different algorithms and data structures for efficient access request resolution are also investigated. Finally, we carry out extensive performance evaluation of the ABAC-enabled Linux system and discuss its results.