Back in 2004, the U.S. National
Security Agency (NSA) helped the Linux community to build something called
SELinux, which brings mandatory access control (MAC) policies to the
Now four years later, Sun is getting the same technology from
the NSA to use with its Solaris operating system. Sun’s OpenSolaris community will work on integrating the NSA’s Flux
Advanced Security Kernel (Flask) architecture, which is a form of mandatory
access control, for type enforcement. Flask is the basis of SELinux.
The Flask enhancements will be added to Sun’s Trusted
Extensions, which provide high-security labeling features to meet
regulatory and compliance requirements.
The difference between the Type
enforcement of Flask/SELinux and the Labeling of Trusted Extensions is an
important distinction to how security policies can be enforced and managed.
The NSA’s technology is critical to US Government customers that require
high degrees of security assurance policies and controls.
“The labeling in Trusted Extensions separates applications and it applies a
multi level protection profile and it separates them within the same
operating system,” Bill Vass, president and COO of Sun Microsystems Federal told InternetNews.com.
“In the Flask model you have multiple
applications running at different levels inside the same instance of the
operating system. In the Trusted Extensions model you have lots of
applications running inside each different instance of the operating system
running on the same server,” he said.
Vass explained that the advantages to the Flask model is very granular level
control over what the application does. The drawback of the Flask model is
that there is also a lot of work in managing that policy. On the other side,
the advantage to labeling is you don’t have any policy to mange, you just pop
the application inside the label and it does whatever it needs to do.
The NSA’s Flask controls have been made available to Sun under what Vass
described as a Public Domain license. Sun in turn will re-license the
technology inside of OpenSolaris under the open source CDDL license (Common
Development and Distribution License).
Vass noted that initially a user will only be able to run either the Flask
control or the labeling (traditional Trusted Extensions) control but not
both at the same time. The plan going forward is to work within the
OpenSolaris community with the continued assistance of the NSA to make a
dual type/labeling control possible.
The new Flask based controls for OpenSolaris will not get their own branded
name from Sun, like an SELinux, but instead will simply just become a
different feature available as part of Sun’s Trusted Extensions.
As to why Sun is just getting around to trying implementing the SELinux-type
technology from the NSA now, Vass was brutally honest.
“Had I been in charge 3 or 4 years ago we would have done it then, “Vass
admitted. “There were a lot of politics involved and wishy-washiness back
Vass noted that in the last few years Sun has made tremendous strides to
being more open and accepting of outside contributions and efforts. It’s
that openness that makes the addition of the NSA’s technology a bit more
doable now for Sun than it might have been four years ago.
“Now that we’re community driven in Solaris it’s a lot more advantageous
for us to do these kinds of things,” Vass said. “I wish we would have done
it back then and I can’t really explain to you why we didn’t, other than I
think we had a lack of maturity in our open source model around Solaris.”