Abstract
FreeBSD is a widely deployed open source operating system, frequently used in web cluster and file server environments, as the basis for high-end embedded network and storage appliances, and as a foundation technology for many commercial operating systems. High-profile Apple Computer CAPP FreeBSD Juniper LSPP TrustedBSD UUNet Verio Weather Channel Yahoo! technology consumers include , , , The , , and , illustrating the importance of Open Source as a technology transfer vehicle for widely used commercial products. Many FreeBSD deployment environments require adaptation of the native security policy, responding to local security, functionality, and performance requirements. The Project provides trusted operating system features for FreeBSD, and is intended to support both technology development and evaluation of FreeBSD-derived open source and commercial products against the and . Challenges in this work have been both technical and social, as many of these techniques have previously been limited to research and commercial/military environments. Mr Watson will describe the project technical approach, including support for flexible access control through the TrustedBSD MAC Framework. He will discuss development challenges in building and integrating with a mainstream open source system, as well as how strategies were adapted for open source development approaches. He will describe an adaptation of NSA's SELinux FLASK/TE implementation to FreeBSD (SEBSD) using the MAC Framework, and new work to port the MAC Framework and SEBSD module to Apple's Darwin and MacOS X platforms. |
