PULSE: a Pluggable User-space Linux Security Environment paper

The discretionary access controls (DAC) employed by traditional operating systems only provide system administrators and users with a loose ability to specify the security policies of the system. In contrast, mandatory access controls (MAC) provide a stronger, finer-grained mechanism for specifying and enforcing system security policies. A related security concept called the principle of least authority (POLA) states that subjects should only have access to the specific resources that they absolutely require to function properly at any given time. Although a number of existing projects (Plash and Polaris) seek to provide POLA implementations, these are not enforced using strong MAC. Conversely, existing MAC implementations (SELinux and AppArmor) do not provide rigorous POLA because they do not provide an effective mechanism for dynamic policy modification based on user preferences. This paper presents our solution to fill this void, called the Pluggable User-space Linux Security Environment (PULSE), which implements a MAC enforced, dynamic, user-level POLA implementation. Through the use of user-space plug-ins to specify security policy, PULSE provides a high degree of dynamism, flexibility and usability which is not available in existing security architectures.