Add three new TrustedBSD-related ideas for GSoC (or otherwise):
- New audit parsing API
- NT/Linux to BSM conversion tool
- Application-specific audit trails

All three would be reasonable student projects or someone with strong C language skills and at least some security background.
parent
6eb956537b
commit
375e1e27ae
Notes:
svn2git
2020-12-08 03:00:23 +00:00
svn path=/www/; revision=33920
1 changed files with 135 additions and 1 deletions
|
@ -15,7 +15,7 @@ Ideas//EN"
|
|||
<ideas>
|
||||
<cvs:keywords xmlns:cvs="http://www.FreeBSD.org/XML/CVS" version="1.0">
|
||||
<cvs:keyword name="freebsd">
|
||||
$FreeBSD: www/en/projects/ideas/ideas.xml,v 1.95 2009/03/12 07:12:37 brooks Exp $
|
||||
$FreeBSD: www/en/projects/ideas/ideas.xml,v 1.96 2009/03/12 07:30:50 imp Exp $
|
||||
</cvs:keyword>
|
||||
</cvs:keywords>
|
||||
|
||||
|
@ -1584,6 +1584,140 @@ New tests must be created; existing tests must be completed and updated.
|
|||
</desc>
|
||||
</idea>
|
||||
|
||||
<idea id="auditparse" class="soc">
|
||||
<title>A New Audit Parsing API</title>
|
||||
|
||||
<desc>
|
||||
<p><strong>Technical contact</strong>: <a
|
||||
href="mailto:rwatson@FreeBSD.org">Robert Watson</a>, <a
|
||||
href="mailto:trustedbsd-audit@TrustedBSD.org">TrustedBSD audit
|
||||
mailing list</a></p>
|
||||
|
||||
<p>The current OpenBSM audit parsing API has a number of limitations,
|
||||
not least that it can't handle little endian BSM records that may
|
||||
come from Solaris x86 systems, in terms of ABI robustness in the
|
||||
presence of new record types, ability to process trails generated
|
||||
non-locally in terms of supporting uid/gid->name translation, and
|
||||
in terms of incrementally processing a byte stream from, for
|
||||
example, socket sources without using the C FILE API.</p>
|
||||
|
||||
<p>This task would consider existing audit parsing APIs in the
|
||||
industry, including POSIX.1e, relevant Open Group specs, and in-use
|
||||
APIs on other systems such as Solaris, Linux, Windows NT, and
|
||||
others, in order to first identify an existing candidate API or
|
||||
design a new candidate API, then implement the API and adapt
|
||||
existing audit applications to use it. The task would also
|
||||
document the API using man pages, create an audit parsing tutorial
|
||||
document, create a test suites, and require interaction with the
|
||||
OpenBSM and FreeBSD communities to identify audit parsing
|
||||
requirements.</p>
|
||||
|
||||
<p>If successful, the results of this work would be integrated into
|
||||
OpenBSM, the open source BSD-licensed audit framework shipped with
|
||||
FreeBSD and Mac OS X.</p>
|
||||
|
||||
<p><strong>Requirements</strong>:</p>
|
||||
<ul>
|
||||
<li>Strong C programming skills.</li>
|
||||
<li>Past coursework or reading in the area of computer security.</li>
|
||||
</ul>
|
||||
</desc>
|
||||
</idea>
|
||||
|
||||
<idea id="bsmconvert" class="soc">
|
||||
<title>NT/Linux to BSM Conversion Tool</title>
|
||||
|
||||
<desc>
|
||||
<p><strong>Technical contact</strong>: <a
|
||||
href="mailto:rwatson@FreeBSD.org">Robert Watson</a>, <a
|
||||
href="mailto:trustedbsd-audit@TrustedBSD.org">TrustedBSD audit
|
||||
mailing list</a></p>
|
||||
|
||||
<p>The BSM (Basic Security Framework) audit trail format is the de
|
||||
facto industry standard for portable operating system audit trails,
|
||||
being supported on Solaris, FreeBSD, and Mac OS X. However, many
|
||||
other audit trail formats exist that are less portable, including
|
||||
audit trail formats local to Windows NT and Linux.</p>
|
||||
|
||||
<p>This task would create BSD-licensed conversion tools to import
|
||||
audit trails from other systems and convert them to BSM format so
|
||||
that they can be inspected and managed using the OpenBSM tool set.
|
||||
This would require the creation of BSD-licensed parsers for audit
|
||||
trail formats of interest, designing and documenting a semantic
|
||||
mapping to the BSM trail format, and writing conversion utilities
|
||||
using the new parsers, semantic mapping, and BSM generation
|
||||
routines in OpenBSM. A key part of this work would be to
|
||||
rigorously understand and document the mapping and its limitations
|
||||
(for example, perhaps some Windows NT concepts can't be represented
|
||||
in BSM in a natural way, such as larger SID than UID fields, which
|
||||
is important information for anyone using BSM trails from NT
|
||||
systems). A test suite is also required.</p>
|
||||
|
||||
<p>If successful, the results of this work would be integrated into
|
||||
OpenBSM, the open source BSD-licensed audit framework shipped with
|
||||
FreeBSD and Mac OS X.</p>
|
||||
|
||||
<p><strong>Requirements</strong>:</p>
|
||||
<ul>
|
||||
<li>Strong C programming skills.</li>
|
||||
<li>Past coursework or reading in the area of computer security.</li>
|
||||
</ul>
|
||||
</desc>
|
||||
</idea>
|
||||
|
||||
<idea id="appaudit" class="soc">
|
||||
<title>Application-Specific Audit Trails</title>
|
||||
|
||||
<desc>
|
||||
<p><strong>Technical contact</strong>: <a
|
||||
href="mailto:rwatson@FreeBSD.org">Robert Watson</a>, <a
|
||||
href="mailto:trustedbsd-audit@TrustedBSD.org">TrustedBSD audit
|
||||
mailing list</a></p>
|
||||
|
||||
<p>Currently, FreeBSD's audit trail support is a system-level
|
||||
facility, intended to track system-level security events. However,
|
||||
as the affordability of computers has gone up, they are
|
||||
increasingly single-application systems, and applications are
|
||||
increasingly playing a role in the Trusted Code Base (TCB) of
|
||||
larger integrated computing systems. As such, it is desirable to
|
||||
support reliable and secure auditing of application events that do
|
||||
not correspond to the traditional TCB components, such as events
|
||||
from databases, web servers, or virtual machines. However, these
|
||||
events need to be handled separately, as they have quite different
|
||||
security and selection requirements.</p>
|
||||
|
||||
<p>This task would extend the FreeBSD kernel's audit framework to
|
||||
allow multiple concurrent audit trails to be maintained, reflecting
|
||||
different "slices" of the system. The base slice would be the
|
||||
existing system audit trail, submitted to by the kernel itself, as
|
||||
well as using the audit(2) system call, and stored in /var/audit.
|
||||
New slices would be represented by named special devices in /dev,
|
||||
with ownership and permissions reflecting their desired application
|
||||
security properties; each slice would have its own audit worker and
|
||||
queue, with its own pipe reliability properties and target trail
|
||||
files. This would require extending OpenBSM's auditd and libbsm to
|
||||
support multiple trails as well. Finally, two or more sample
|
||||
applications would be modified to submit application-level
|
||||
auditing, such as the authentication routines in Apache and
|
||||
PostgreSQL. This design would have several interesting properties,
|
||||
not least that audit trails submitted by applications would be
|
||||
protected from application tampering after submission, as the
|
||||
kernel would mediate access using the TCB. Analysis of potential
|
||||
designs, security issues, documentation, and a test suite are
|
||||
required.</p>
|
||||
|
||||
<p>If successful, the results of this work would be integrated into
|
||||
the FreeBSD kernel and OpenBSM.</p>
|
||||
|
||||
<p><strong>Requirements</strong></p>
|
||||
<ul>
|
||||
<li>Strong C programming skills.</li>
|
||||
<li>Past coursework or reading in the area of computer security.</li>
|
||||
<li>Past coursework in the area of operating system kernels.</li>
|
||||
</ul>
|
||||
</desc>
|
||||
</idea>
|
||||
|
||||
</category>
|
||||
|
||||
<category>
|
||||
|
|
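Review bot: In the bsmconvert description, "BSM (Basic Security Framework)" expands the acronym incorrectly: BSM is the Basic Security Module. The appaudit description has the same kind of slip in "Trusted Code Base (TCB)", which should read Trusted Computing Base. Both are worth correcting before this lands on the ideas page, since applicants will search on these terms. Smaller points in the same hunk: "create a test suites" in auditparse should be either "create a test suite" or "create test suites"; the opening sentence of auditparse chains its limitations with repeated "in terms of" and would be easier to follow as a short list; and the "Requirements" heading in appaudit lacks the colon that the other two ideas use.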