KSE and SELinux comparative (Archive resource) This post: is a revisit to a KSE vs SELinux comparative paper from ~2008. KSE is user-friendly and cost-effective, but is the protection equivalent, and more, of SELinux. KSE features such as automation of labelled security and elimination of ACLs reduce overhead by roughly 2 orders of
The need for MLS KSE uses algebraic modelling to run trust models, such as the secrecy or confidentiality model known as the Bell–LaPadula Model, on common, commercial systems (read: untrustworthy). Bell–LaPadula is the basis for multi-level security, or MLS, which focuses on data confidentiality and controlled access to classified information. The confidentiality arm of
Even though VTech probably didn't intend any harm to customers, its reputation has received a black eye in the court of popular opinion. It stored images and chat records between kids and parents, which have been accessed, along with over 5 million customer records, by a hacker. The optics - just the perception... of
Owner-centric security helps alignment Summary points: It's suggested that distributing security staff in business units will help them learn to speak the language of the business, and help collaboration and alignment. KSE has always used this approach in its model, but is owner-centric as opposed to object- or subject-centric. The security owner, or head of a business
Source code: integrity, assurance guarantees? In this post: Efforts to produce quality software used in offerings become moot points if attackers can access and tamper with source code, perhaps inserting back doors. Security offering source code invokes integrity and assurance issues. Any breach can lead to multiple others, leading to a breach event chain.