Policy Enforced Remote Login
نویسندگان
چکیده
This document describes enhancements made to the popular OpenSSH authentication service to restrict the execution of OpenSSH processes by applying a ring-based program execution policy. We also apply a label-based mandatory access control (MAC) policy to limit a user’s login shell to run at a specific security level within the user’s authorized security clearance range. While still rudimentary, these enhancements illustrate the usefulness of a ring-based execution mechanism for restricting program behavior.
منابع مشابه
A VO-friendly, Community-based Authorization Framework Part 1: Use Cases, Requirements, and Approach
The era of massive surveys like LSST are driving the increasing necessity for astronomical research that is network-based and features remote data access and remote data analysis. With the development of the Virtual Observatory (VO) come the tools to make remote science easier. The VO community is large—thousands of potential users, and traditional authorization models based on individuals will...
متن کاملUse of Remote Sensing to Support Forest and Wetlands Policies in the USA
The use of remote sensing for environmental policy development is now quite common and well-documented, as images from remote sensing platforms are often used to focus attention on emerging environmental issues and spur debate on potential policy solutions. However, its use in policy implementation and evaluation has not been examined in much detail. Here we examine the use of remote sensing to...
متن کاملNovel Remote User Authentication Scheme Using Bilinear Pairings
The paper presents a remote user authentication scheme using the properties of bilinear pairings. In the scheme, the remote system receives user login request and allows login to the remote system if the login request is valid. The scheme prohibits the scenario of many logged in users with the same login-ID, and provides a flexible password change option to the registered users without any assi...
متن کاملVerification of Security Policy Enforcement in Enterprise Systems
Many security requirements for enterprise systems can be expressed in a natural way as high-level access control policies. A high-level policy may refer to abstract information resources, independent of where the information is stored; it controls both direct and indirect accesses to the information; it may refer to the context of a request, i.e., the request’s path through the system; and its ...
متن کاملTowards Remote Policy Enforcement for Runtime Protection of Mobile Code Using Trusted Computing
We present an approach to protect mobile code and agents at runtime using Trusted Computing (TC) technologies. For this purpose, a “mobile policy” is defined by the mobile code originator, and is enforced by the runtime environment in a remote host to control which users can run the mobile code and what kind of results a user can observe, depending on the security properties of the user. The se...
متن کامل