“Hosting” represents a commonplace solution for the low-cost implementation of web sites through the efficient sharing of the resources of a single server. The arising security problems, however, are not always easily dealt with under the Discretionary Access Control model implemented by traditional operating systems. More robust separation between the hosted sites, as well as more robust protection of the host system, can be attained by exploiting the features typical of Mandatory Access Control systems. Recently, these systems have recently been made available to the vast Linux community through projects like SELinx and grsecurity. This paper describes the architecture of a secure hosting server, integrating SELinux functionalities into the Apache/PHP platform, designed with the goal of increasing security without adding administrative burdens or impacting performance.

M. prandini, e.faldella, r. laschi (2006). Mandatory Access Control applications to web hosting. LONDON : Springer-Verlag.

Mandatory Access Control applications to web hosting

PRANDINI, MARCO;FALDELLA, EUGENIO;LASCHI, ROBERTO
2006

Abstract

“Hosting” represents a commonplace solution for the low-cost implementation of web sites through the efficient sharing of the resources of a single server. The arising security problems, however, are not always easily dealt with under the Discretionary Access Control model implemented by traditional operating systems. More robust separation between the hosted sites, as well as more robust protection of the host system, can be attained by exploiting the features typical of Mandatory Access Control systems. Recently, these systems have recently been made available to the vast Linux community through projects like SELinx and grsecurity. This paper describes the architecture of a secure hosting server, integrating SELinux functionalities into the Apache/PHP platform, designed with the goal of increasing security without adding administrative burdens or impacting performance.
2006
EC2ND 2006 Proceedings of the second European conference on computer network defence
13
22
M. prandini, e.faldella, r. laschi (2006). Mandatory Access Control applications to web hosting. LONDON : Springer-Verlag.
M. prandini; e.faldella; r. laschi
File in questo prodotto:
Eventuali allegati, non sono esposti

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11585/35737
 Attenzione

Attenzione! I dati visualizzati non sono stati sottoposti a validazione da parte dell'ateneo

Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus ND
  • ???jsp.display-item.citation.isi??? ND
social impact