[Cryptography] Can crypto implement OS/FS protections ?

[Kevin W. Wall]

On Fri, Nov 25, 2022, 3:13 PM Phillip Hallam-Baker <phill at hallambaker.com>
wrote:

>
> First off, file system protections today are based on 1970s technology and
> limited to static access control. If you want good security, you want
> dynamic access control and accountability (which is what the Mesh
> provides). So no, Chealsea Manning cannot download 90,000 diplomatic cables
> because the management system cuts her off at 2,000 (or so) and she is
> deterred from attempting to exceed her authority by the knowledge that
> every access is logged.
>

The auditing aspect can easily be done today, e.g, on Linux using Auditd
and logging to a remote SIEM. Of course, you have to have someone actively
monitoring those logs proactively otherwise detection comes too late. But
if you want something like the rate limiting, you're right, you are not
going to get that from the OS, at least not any mainstream ones that I'm
aware of. To me, it may make more sense as a specialized user space
process. And OS might support that with some additional basic primitives,
but I think the combinations needed for all the specific scenario would
make the OS too complex, which would lead to even more security issues.

Besides, given that most companies who use RHEL often run with SELinux
disabled, which to me says they aren't really interested in advanced
dynamic security controls in the OS. (Yes, SELinux certainly is rather
complicated to use, but AppArmor provides many similar benefits and is much
easier to use, but it is rarely used as well.)

-kevin
--
Blog: https://off-the-wall-security.blogspot.com/    | Twitter: @KevinWWall
| OWASP ESAPI Project co-lead
NSA: All your crypto bit are belong to us.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.metzdowd.com/pipermail/cryptography/attachments/20221125/28120c46/attachment.htm>