DSI: Secure Carrier-Class Linux

Ericsson Research is developing a new secure architecture for telecom applications on Linux clusters.
Current Results

So far, a secure boot mechanism for diskless Linux servers has been implemented. Using secure boot with digital signatures, a distributed trusted computing base (DTCB) will be available at the boot of the cluster nodes. The kernel at secure boot is small enough to be thoroughly tested for vulnerabilities. Furthermore, the use of digital signatures for binaries and a local certification authority will prevent malicious modifications to the DTCB.

We also implemented a security module based on the Linux Security Module (LSM), which enforces the security policy as part of the DSI access control service. This module is integrated with SCC to implement distributed access control mechanisms. DSI currently supports preemptive and dynamic security policy at the process level throughout the whole cluster.

To ease administration and maintenance of the distributed security policy, we are completing a study to devise methods of reusing information already contained in package management systems (such as RPM) in order to generate part of the security policy or to push such information to the package (if that is where it would be best specified). This effort also aims to use the policy to provide clearly different privileges during software installation, configuration, activation and execution. Specification of the exact language used to express the policy and of the compilation and loading mechanisms remain to be completed.

We have partly implemented a secure communication channel based on OmniORB, an open-source implementation of CORBA. SCC logics are implemented on top of a portability layer, making the implementation independent of any communication middleware used. The choice of CORBA as communication middleware for SCC was motivated by many factors, such as the support for distributed real-time and embedded systems and interoperability.

DSI as an Open-Source Project

Our goal for DSI is to make the framework open source and to get people from different organizations and open-source initiatives involved in the design and development of the various components.

Figure 2 presents the various components of DSI. All components with a question mark are open to design and development contribution. Currently at Ericsson Research we are working toward implementing the core DSI, which includes the following: secure communication channel, security server, security manager, access control service (including LSM), security policy generation, security session manager and distributed tracing of events (as part of the auditing service).

Figure 2. DSI Components

Ericsson Joins the Open Source Development Lab

Conclusion

The DSI team from Ericsson Research will be available at the Ottawa Linux Symposium for three allocated presentations on DSI. We will also be available at the IEEE Cluster Conference 2002 in Chicago. In addition, Ericsson Research will be hosting the annual Open Cluster Group meetings June 24-25, in Montréal, which will give us the opportunity to address the members of the group and get them involved with the DSI Project.

A web site for the project is available as of June 2002. It provides DSI technical reports, presentations, source code and links to web sites of other contributors. Due to space limitations, we were not able to go into the details of DSI in this article. However, feel free to contact any of the DSI team members (listed below) to receive detailed papers on the DSI architecture, strategy and source code or to discuss collaboration opportunities.

The DSI Team

Ibrahim F. Haddad (Ibrahim.Haddad@Ericsson.com), Charles Levert (Charles.Levert@Ericsson.ca), Makan Pourzandi (Makan.Pourzandi@Ericsson.ca) and Miroslaw Zakrzewski (Miroslaw.Zakrzewski@Ericsson.ca).

Contributors

Marc Chatel (Marc.Chatel@lmc.Ericsson.se), Michel R. Dagenais (Michel.Dagenais@polymtl.ca), David Gordon (David.Gordon@Ericsson.ca), Bruno J. M. Hivert (Bruno.Hivert@Ericsson.com) and Dominic Pellerin (Dominic.Pellerin@Ericsson.ca).

______________________

Webinar
One Click, Universal Protection: Implementing Centralized Security Policies on Linux Systems

As Linux continues to play an ever increasing role in corporate data centers and institutions, ensuring the integrity and protection of these systems must be a priority. With 60% of the world's websites and an increasing share of organization's mission-critical workloads running on Linux, failing to stop malware and other advanced threats on Linux can increasingly impact an organization's reputation and bottom line.

Learn More

Sponsored by Bit9

Webinar
Linux Backup and Recovery Webinar

Most companies incorporate backup procedures for critical data, which can be restored quickly if a loss occurs. However, fewer companies are prepared for catastrophic system failures, in which they lose all data, the entire operating system, applications, settings, patches and more, reducing their system(s) to “bare metal.” After all, before data can be restored to a system, there must be a system to restore it to.

In this one hour webinar, learn how to enhance your existing backup strategies for better disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible bare-metal recovery solution for UNIX and Linux systems.

Learn More

Sponsored by Storix