Multi-Level Security Research For SharePoint Introduction

Posted by on Aug 11, 2007 in Multi-Level Security Research | 0 comments

Multi-Level Security is an important concept for several flavors of industry, but most importantly those that exist within the federal government. The concept of Multi-Level Security is built upon the model that were firstly built on the Bell-LaPueda model, which in general, simply laid the foundation for read/write access across logical boundaries. As with any security model, there are two important concepts that are typical involved, the object, or the asset that a requesting party wants access to, and the subject, which is the querying party for that specific asset. Regardless of how the...

read more

The CIA Triad and SharePoint

Posted by on Aug 11, 2007 in Multi-Level Security Research | 0 comments

The propriety information that SharePoint propagates and builds upon is the essenc collaboration enabled organization. Protecting this information should be the primary goal of an organizational after the proper enablement of it, safeguarding it from intruders and attacks that may have malicious intent. This is especially pertinent in the case of SharePoint where the integrity of the stored business data is nothing but operationally critical. In this, a simple principle should be maintained. Users that can access the data should be able to do so easily and efficiently, whereas users that are...

read more

SELinux Permissions Management and Creation

Posted by on Aug 11, 2007 in Multi-Level Security Research | 0 comments

SELinux Permission Management and Creation As stated in other articles, there are two main concepts that exist in MAC architectures, subjects and objects, both of which are intrinsic to understanding the aggregate concept of SELinux architecture. Objects are simply assets that exist on the system, such as files. For each of these objects, there are permission sets that are associated with them that control the access and actions that subjects have in relation to those specific objects. In SELinux, objects are grouped into the concept of object classes, and all objects that exist in an object...

read more

Hybrid SharePoint With SElinux Theory of Operation

Posted by on Aug 11, 2007 in Multi-Level Security Research | 0 comments

Multi-Level Security Domain SharePoint To promote apposite security implementation of security centric SharePoint environments (those which are focused on sheltered implementations) it is necessary to build an environment that implements multi-security domain access along with diverse security mechanisms that will provide a basis to procure the concepts provided in the CIA triad. Like researched in previous articles, there is an overall concept in computing security architecture known as the CIA triad which procures the subjects of Confidentiality, Integrity, and Availability (CIA) which...

read more

Introduction To Hybrid SharePoint Using SELinux

Posted by on Aug 11, 2007 in Multi-Level Security Research | 0 comments

Hybrid SELinux / SharePoint Environment Before I get into how to architect a proper MAC environment using SELinux, there is one major misconception I would like to get out of the way. SELinux is not complicated. I am primarily a C# developer and I didn’t find it that complicated, and my talents with Linux technologies are less than ideal. If you find Linux as a product complicated, SELinux will appear daunting, you will solely be adding insult to injury, but in general, the security concepts that SELinux supplements the Linux platform with are in general very easy to understand once the...

read more