Prima

PRIMA [1]: Info flow attestation.

  • an extension to Linux IMA:

    • measures the code (Linux IMA), and
    • measures which information flows are present among processes.
  • attests Biba, Clark-Wilson [2] and CW-Lite [3] integrity; CW-Lite attestation is proved.

  • Implementation: on SELinux.

Info flow examples:

Biba integrity requires that a process receive no input that is lower integrity than itself [4].

LOMAC (Low-Water Mark Integrity) requires that a process’s integrity be that of the lowest integrity input that it receives [5].

The CW-Lite guarantee is the same as Clark-Wilson's: all flows from untrusted processes to high integrity ones must pass through a filtering/sanitizing procedure in the destination process.
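The three policies above, checked against one set of flows. This is an added example, not code from PRIMA or from this page; the `Flow` type, process names, integrity levels and trusted set are constructed, and LOMAC is simplified to a fixpoint over an unordered flow set rather than a time-ordered trace.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Flow:
    src: str                # process the information comes from
    dst: str                # process that receives it
    filtered: bool = False  # True if dst takes it through a filtering interface

# Constructed sample data: higher number = higher integrity (assumption).
LEVELS = {"net": 0, "user_app": 1, "sshd": 2, "syslogd": 2, "auditd": 2}
TRUSTED = {"sshd", "syslogd", "auditd"}
FLOWS = [
    Flow("net", "sshd", filtered=True),  # untrusted input, sanitized by sshd
    Flow("user_app", "syslogd"),         # untrusted input, no filter
    Flow("sshd", "syslogd"),             # trusted to trusted
]

def biba_violations(levels, flows):
    """Biba: a process receives no input of lower integrity than itself."""
    return [f for f in flows if levels[f.src] < levels[f.dst]]

def lomac_levels(levels, flows):
    """LOMAC: a receiver drops to its lowest-integrity input; repeat until stable."""
    cur = dict(levels)
    changed = True
    while changed:
        changed = False
        for f in flows:
            if cur[f.src] < cur[f.dst]:
                cur[f.dst] = cur[f.src]
                changed = True
    return cur

def cw_lite_violations(trusted, flows):
    """CW-Lite: untrusted -> trusted flows must pass a filter in the destination."""
    return [f for f in flows
            if f.src not in trusted and f.dst in trusted and not f.filtered]

if __name__ == "__main__":
    print("Biba violations:   ", biba_violations(LEVELS, FLOWS))
    print("LOMAC final levels:", lomac_levels(LEVELS, FLOWS))
    print("CW-Lite violations:", cw_lite_violations(TRUSTED, FLOWS))
```

On this data Biba rejects both untrusted inputs, LOMAC demotes `sshd` and `syslogd` to the level of `net`, and CW-Lite flags only the unfiltered `user_app` flow.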

Linux IMA


  1. PRIMA: Policy-Reduced Integrity Measurement Architecture. SACMAT, 2006.
  2. A comparison of commercial and military computer security policies. SP, 1987.
  3. Toward automated information flow integrity for security critical applications. NDSS, 2006.
  4. K. J. Biba. Integrity considerations for secure computer systems. MITRE MTR-3153. 1975.
  5. LOMAC: Low water-mark integrity protection for COTS environments. SP, Washington, DC, 2000.
Created Aug 12, 2019 // Last Updated Aug 13, 2019
