Keywords

• Intrusion Detection System
• Networking
• Security Hardening Program
• Kernel Security Policy
• Capabilities
• DAC (Discretionary Access Control)
• MAC (Mandatory Access Control)
• ACL (Access Control Lists)
• Common Criteria (CAPP and LSPP)
• Netfilter

Motivation

Today, computers have insufficient security to protect themselves from intrusion both locally as well as from the external internet. With increasing reliance on the internet for e-commerce, security becomes even more important. Covered here will be different ways to increase computer security as well as timely discovery of such intrusion should it occur. Areas to be covered include intrusion detection, kernel security policy and needed improvements, and security hardening programs.

Sub-topics

• The Prelude Project
• The Bastille Unix Security Project
• Linux Kernel Security Policy
• Using Netfilter

Program

Thursday, July 6th

This session is much linked to the kernel session.