Part 4: Application and System SecurityInternational audienceThe typical way to run an administrative task on Linux is to execute it in the context of a super user. This breaks the principle of least privilege on access control. Other solutions, such as SELinux and AppArmor, are available but complex to use. In this paper, a new Linux module, named RootAsRole, is proposed to allow users to fine-grained control the privileges they grant to Linux commands as capabilities. It adopts a role-based access control (RBAC) [14], in which administrators can define a set of roles and the capabilities that are assigned to them. Administrators can then define the rules controlling what roles users or groups can assign to themselves. Each time a Linux us...
Part 6: Availability, Security and PrivacyInternational audienceThe consequences of security breache...
Abstract. Many of today’s software applications require a high-level of security, defined by a detai...
Access control is often used to make restrictions to the resources in a system so that these resourc...
Part 4: Application and System SecurityInternational audienceThe typical way to run an administrativ...
open access articleToday, Linux users use sudo/su commands to attribute Linux’s administrative privi...
The typical way to run an administrative task on Linux is to execute it in the context of a super us...
Historically and by default, Linux does not respect the principle of least privilege because it gran...
Inside cyber security threats by system administrators are some of the main concerns of organization...
The basic concept of role-based access control (RBAC) is that permissions are associated with roles,...
Consumer devices are increasingly being used to perform security and privacy critical tasks. The sof...
Trusted, setuid-to-root binaries have been a substantial, long-lived source of privilege escalation ...
An increasing number ofattacks experienced in existing enterprise networks and applications have rec...
this paper, we define an access control model with the following properties: (1) system administrato...
In role-based access control (RBAC), users and objects are assigned to one or more roles. Users shou...
The implementation of discretionary role-based access control mechanisms in standard operating syste...
Part 6: Availability, Security and PrivacyInternational audienceThe consequences of security breache...
Abstract. Many of today’s software applications require a high-level of security, defined by a detai...
Access control is often used to make restrictions to the resources in a system so that these resourc...
Part 4: Application and System SecurityInternational audienceThe typical way to run an administrativ...
open access articleToday, Linux users use sudo/su commands to attribute Linux’s administrative privi...
The typical way to run an administrative task on Linux is to execute it in the context of a super us...
Historically and by default, Linux does not respect the principle of least privilege because it gran...
Inside cyber security threats by system administrators are some of the main concerns of organization...
The basic concept of role-based access control (RBAC) is that permissions are associated with roles,...
Consumer devices are increasingly being used to perform security and privacy critical tasks. The sof...
Trusted, setuid-to-root binaries have been a substantial, long-lived source of privilege escalation ...
An increasing number ofattacks experienced in existing enterprise networks and applications have rec...
this paper, we define an access control model with the following properties: (1) system administrato...
In role-based access control (RBAC), users and objects are assigned to one or more roles. Users shou...
The implementation of discretionary role-based access control mechanisms in standard operating syste...
Part 6: Availability, Security and PrivacyInternational audienceThe consequences of security breache...
Abstract. Many of today’s software applications require a high-level of security, defined by a detai...
Access control is often used to make restrictions to the resources in a system so that these resourc...