U.K. government and IBM test a secure Linux

Nice, this is great to hear. I just feel better thinking about the fact that different governments are willing to look into new, more secure options.

The U.K. Cabinet Office and IBM are working together on a secure open-source environment for public and private sector organizations.

The Central Sponsor for Information Assurance (CSIA) said this week that the initiative had been launched to assure public and private sectors that Linux could provide security in a complex environment.

The design is based on Security Enhanced Linux (SELinux) and IBM Websphere, a mandatory access control (MAC) application, which gives “need to know” access to security.

“We’ve been looking at Websphere middleware to say we can apply SELinux and a suite of applications with a security policy in a complex environment,” Stephen Marsh, director of CSIA, told ZDNet UK.

On Unix and Windows the administrative privilege rights can allow the wrong people to get unrestricted access to a system, said Marsh. “Mandatory access is controlled by the security policy, which defines what the administrator can do. The administrator can only do what the security policy says you can do, even if you escalate the privilege to root user,” Marsh explained…. Source: News.com

[tags]ibm,zdnet,selinux,mandatory access,ibm websphere[/tags]