FRINK Linked Data Fragments server

Matches in SemOpenAlex for { <https://semopenalex.org/work/W573156191> ?p ?o ?g. }

• W573156191 abstract "To minimize the damage in the event of a security breach it is desirable to limit the privileges of remotely available services to the bare minimum and to isolate the individual services from the rest of the operating system. To achieve this there is a number of different containment strategies and process privilege security models that may be used. Two of these mechanisms are Solaris Containers (a.k.a. Solaris Zones) and Type Enforcement, as implemented in the Fedora distribution of Security Enhanced Linux (SELinux). This thesis compares how these technologies can be used to isolate a single service in the operating system.As these two technologies differ significantly we have examined how the isolation effect can be achieved in two separate experiments. In the Solaris experiments we show how the footprint of the installed zone can be reduced and how to minimize the runtime overhead associated with the zone. To demonstrate SELinux we create a deliberately flawed network daemon and show how this can be isolated by writing a SELinux policy.We demonstrate how both technologies can be used to achieve isolation for a single service. Differences between the two technologies become apparent when trying to run multiple instances of the same service where the SELinux implementation suffers from lack of namespace isolation. When using zones the administration work is the same regardless of the services running in the zone whereas SELinux requires a separate policy for each service. If a policy is not available from the operating system vendor the administrator needs to be familiar with the SELinux policy framework and create the policy from scratch. The overhead of the technologies is small and is not a critical factor for the scalability of a system using them." @default.
• W573156191 created "2016-06-24" @default.
• W573156191 creator A5002572753 @default.
• W573156191 creator A5046133971 @default.
• W573156191 date "2007-01-01" @default.
• W573156191 modified "2023-09-23" @default.
• W573156191 title "Comparative Study of Containment Strategies in Solaris and Security Enhanced Linux" @default.
• W573156191 cites W114793137 @default.
• W573156191 cites W1516211918 @default.
• W573156191 cites W1516432943 @default.
• W573156191 cites W1591051730 @default.
• W573156191 cites W186343359 @default.
• W573156191 cites W2362831978 @default.
• W573156191 hasPublicationYear "2007" @default.
• W573156191 type Work @default.
• W573156191 sameAs 573156191 @default.
• W573156191 citedByCount "1" @default.
• W573156191 crossrefType "journal-article" @default.
• W573156191 hasAuthorship W573156191A5002572753 @default.
• W573156191 hasAuthorship W573156191A5046133971 @default.
• W573156191 hasConcept C111919701 @default.
• W573156191 hasConcept C136264566 @default.
• W573156191 hasConcept C154908896 @default.
• W573156191 hasConcept C162324750 @default.
• W573156191 hasConcept C2775941552 @default.
• W573156191 hasConcept C2777253204 @default.
• W573156191 hasConcept C2777407602 @default.
• W573156191 hasConcept C2778383056 @default.
• W573156191 hasConcept C2779960059 @default.
• W573156191 hasConcept C2780378061 @default.
• W573156191 hasConcept C38652104 @default.
• W573156191 hasConcept C41008148 @default.
• W573156191 hasConcept C45567728 @default.
• W573156191 hasConcept C527821871 @default.
• W573156191 hasConcept C86803240 @default.
• W573156191 hasConcept C89423630 @default.
• W573156191 hasConcept C98045186 @default.
• W573156191 hasConceptScore W573156191C111919701 @default.
• W573156191 hasConceptScore W573156191C136264566 @default.
• W573156191 hasConceptScore W573156191C154908896 @default.
• W573156191 hasConceptScore W573156191C162324750 @default.
• W573156191 hasConceptScore W573156191C2775941552 @default.
• W573156191 hasConceptScore W573156191C2777253204 @default.
• W573156191 hasConceptScore W573156191C2777407602 @default.
• W573156191 hasConceptScore W573156191C2778383056 @default.
• W573156191 hasConceptScore W573156191C2779960059 @default.
• W573156191 hasConceptScore W573156191C2780378061 @default.
• W573156191 hasConceptScore W573156191C38652104 @default.
• W573156191 hasConceptScore W573156191C41008148 @default.
• W573156191 hasConceptScore W573156191C45567728 @default.
• W573156191 hasConceptScore W573156191C527821871 @default.
• W573156191 hasConceptScore W573156191C86803240 @default.
• W573156191 hasConceptScore W573156191C89423630 @default.
• W573156191 hasConceptScore W573156191C98045186 @default.
• W573156191 hasLocation W5731561911 @default.
• W573156191 hasOpenAccess W573156191 @default.
• W573156191 hasPrimaryLocation W5731561911 @default.
• W573156191 hasRelatedWork W183323481 @default.
• W573156191 hasRelatedWork W2038315427 @default.
• W573156191 hasRelatedWork W2133631375 @default.
• W573156191 hasRelatedWork W2181917222 @default.
• W573156191 hasRelatedWork W2185582414 @default.
• W573156191 hasRelatedWork W2274142119 @default.
• W573156191 hasRelatedWork W2620448698 @default.
• W573156191 hasRelatedWork W2741631240 @default.
• W573156191 hasRelatedWork W2795239434 @default.
• W573156191 hasRelatedWork W2807826660 @default.
• W573156191 hasRelatedWork W2889959453 @default.
• W573156191 hasRelatedWork W2944674008 @default.
• W573156191 hasRelatedWork W2945553619 @default.
• W573156191 hasRelatedWork W2969433881 @default.
• W573156191 hasRelatedWork W3015943424 @default.
• W573156191 hasRelatedWork W3081520195 @default.
• W573156191 hasRelatedWork W3113114671 @default.
• W573156191 hasRelatedWork W83837210 @default.
• W573156191 hasRelatedWork W2187025530 @default.
• W573156191 hasRelatedWork W973177502 @default.
• W573156191 isParatext "false" @default.
• W573156191 isRetracted "false" @default.
• W573156191 magId "573156191" @default.
• W573156191 workType "article" @default.