Government Computer News
NSA aims for secure access to storage
The National Security Agency, building on its effort toward secure Linux computing, wants to extend its access control work into network file storage.
The effort involves integrating NSA’s Flask mandatory access control (MAC) architecture into the Network File System (NFS) protocol widely used for network-attached storage devices.
David Quigley, of NSA’s National Information Assurance Research Laboratory, presented the latest work on the project, called Labeled NFS (GCN.com, Quickfind 997) at the 71st meeting of the Internet Engineering Task Force last week in Philadelphia. IETF oversees the NFS protocol.
NSA initiated and led the effort to develop SELinux, an implementation of NSA’s Flask MAC architecture for Linux (GCN.com, Quickfind 998).
With MAC, programs and users are assigned attributes such as security levels.
Whenever a program spawns a process thread or calls a file, the attributes are checked against the organization’s authorization rules.
By deploying MAC, organizations can ensure that machine intruders don’t hijack programs to execute malicious tasks, and they can prevent employees from accessing documents they don’t have permission to view
| |||
| Latest News |  WashingtonTechnology.com |
FCW.com |
|
GCN.com
The latest technology news from GCN.com
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
|||
|
![1105 Government Information Group [justice]](/images/1105logo_website.gif "Government Computer News [justice]")
© 1996-2008 1105 Media, Inc. All Rights Reserved.
