SPLinux*: An Information Flow Secure Linux

Enforcement of information flow control (IFC) policies for OS to realize a sufficiently secure OS has been a challenging area of research. In this paper, our primary objective has been to present a fully information flow (IF) secure Linux that is usable with a minimal overhead without losing any of the existing functionalities. Towards such a goal, we describe the design, implementation and evaluation of a fully information flow secure Linux operating system called 'SP Linux' through complete mediation. Our approach first derives a labeled system (with initial inputs from the user in terms of the given Linux DAC policy) and manages further the labels automatically without users' intervention. It realizes complete mediation by interception of system calls and enforces IFC policy by implementing a recent decentralized security model that supports dynamic labelling and robust declassification. One of the distinct characteristics of the work is that the user has at his disposal all the features of Linux. We describe our experimental evaluation of SP Linux, its assessment of usability and performance evaluation with respect to other secure OS efforts. Results are quite encouraging in terms of performance, expressiveness, and usability.