Securing Linux, Part 1: Introduction
By Mario Eberlein, Rene Auberger, Wolfram Andreas Richter, 2005-04-21
Confidentiality
Confidentiality is maintained when protected data can only be read or modified by authorized people or systems. It is a distinct concept from integrity: when data is sent over a network, it might be transmitted correctly without changes so that integrity is ensured, but it would no longer be confidential if intercepted by a third party. Integrity is not sufficient when unauthorized persons gain access to the data transmitted and extract valuable information from it. The confidentiality of data brings up three further questions:
• Who wants to access the data? (Authentication)
• What data can be accessed? (Authorization)
• How is data protected from unauthorized access?
Linux has several approaches to ensure that the entity trying to access data is the one it claims to be. Via Pluggable Authentication Modules (PAM), you can implement several authentication strategies, ranging from simple username/password combinations stored on the local machine, through a centralized directory (NIS, Kerberos, LDAP, etc.), to hardware tokens or biometric scans. File access authorization can be granted using the classical (coarse) UNIX file permissions: read, write, and execute permissions at the user, group, or world level. Newer fine-grained approaches -- Access Control Lists -- allow you to grant or deny specific rights to specific users.
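The following added example (not part of the original tutorial) audits a directory tree using the classical permission bits described above and reports files that "world" can read or write. It goes slightly beyond the text by also checking directory search permission, because a world-readable file inside a directory that world cannot traverse is not actually exposed; the file names and modes are constructed sample data.

```python
import os
import stat
import tempfile

def world_rights(mode):
    """Decode the 'world' (other) bits of an st_mode, e.g. 0o644 -> 'r--'."""
    bits = (("r", stat.S_IROTH), ("w", stat.S_IWOTH), ("x", stat.S_IXOTH))
    return "".join(flag if mode & bit else "-" for flag, bit in bits)

def audit_tree(root):
    """Return {relative_path: world_rights} for regular files under root that
    'world' can reach and read or write. ACLs and root's parents are not checked."""
    exposed = {}
    for dirpath, dirnames, filenames in os.walk(root):
        # World needs search (x) on every directory on the way down to a file.
        if not os.stat(dirpath).st_mode & stat.S_IXOTH:
            dirnames[:] = []  # prune: nothing below is reachable by world
            continue
        for name in filenames:
            full = os.path.join(dirpath, name)
            mode = os.lstat(full).st_mode
            rights = world_rights(mode)
            if stat.S_ISREG(mode) and ("r" in rights or "w" in rights):
                exposed[os.path.relpath(full, root)] = rights
    return exposed

def build_sample_tree():
    """Constructed sample data: hypothetical file names and modes."""
    root = tempfile.mkdtemp()
    os.chmod(root, 0o755)
    dirs = {"public": 0o755, "private": 0o700}
    files = {
        "public/readme.txt": 0o644,   # world-readable and reachable
        "public/payroll.csv": 0o640,  # owner and group only
        "private/keys.pem": 0o644,    # world-readable bits, but inside a 0700 dir
    }
    for name in dirs:
        os.mkdir(os.path.join(root, name))
    for rel, mode in files.items():
        path = os.path.join(root, rel)
        with open(path, "w") as handle:
            handle.write("constructed sample\n")
        os.chmod(path, mode)
    for name, mode in dirs.items():
        os.chmod(os.path.join(root, name), mode)
    return root

if __name__ == "__main__":
    for path, rights in sorted(audit_tree(build_sample_tree()).items()):
        print(rights, path)
```

Only `public/readme.txt` is reported: `payroll.csv` grants nothing to world, and `keys.pem` is shielded by its 0700 parent directory despite its own 0644 mode.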
The standard Linux security concept is implemented in software and relies on the kernel disallowing access to resources a user is not authorized to use. However, kernel bugs (privilege elevation/escalation, unchecked parameters, etc.) may allow a user to access previously inaccessible memory regions, disk space, networks, or other resources. Physical access to the hardware allows users to bypass software checks by installing keyloggers, taking away hard drives and reading them in other machines, sniffing network traffic, and so on. Thus, further measures, such as encryption of file systems, individual files, network traffic, and/or application-level data, have to be taken to secure confidential data. Again, physical measures such as secured areas, secure deletion of data, and accounting procedures for confidential information need to be considered, but are not covered here.
First published by IBM DeveloperWorks
