//All local documentation is published under the [[@doc/doclicense-cc-by-sa2.php|CCPL]] licence.// ===== Documentation ===== If you have further questions or just need help which you do not find in our documentation, we have mailing-lists and an IRC channel, please see the [[contact]] page === User Documentation === If you are starting out with RSBAC, or looking for a reference, see the handbook. There is a panel on right column of every documentation pages with shortcuts to the different chapters. * [[documentation:RSBAC Handbook]] (//in progress//) * [[wiki|User Experiences]] * [[documentation:Why RSBAC does not use LSM]] * [[documentation:mod_rsbac|RSBAC for Apache: mod_rsbac]] === RSBAC Book === The new RSBAC book "[[http://www.shaker.eu/catalogue/Details.asp?ISBN=3-8322-6423-X|Amon Ott: Mandatory Rule Set Based Access Control in Linux]]" covers all the concepts and background of the RSBAC framework as well as the RC model with AUTH and ACL. It can be ordered through your local book seller (ISBN 978-3-8322-6423-9) or [[http://www.shaker.eu/catalogue/Details.asp?ISBN=3-8322-6423-X|directly from the publisher]]. The [[http://www.shaker.eu/catalogue/Element.asp?ID=2759134&Element_ID=30483&Mode=PageFrame|table of contents]], [[http://www.shaker.eu/catalogue/Element.asp?ID=2759134&Element_ID=30481&Mode=PageFrame|abstracts in German and English]] and an electronic version are available as PDF from the same page. === Developer Documentation === * How to use [[documentation:dev:scm:svn|SVN]] and [[documentation:dev:scm:svk|SVK]] [[documentation:dev:scm:git|GIT]] as an RSBAC developer * [[documentation:write your decision module|Write your own RSBAC decision module (using the REG module)]] * [[documentation:Persistent generic Lists]] * [[documentation:Memory Allocation]] * [[documentation:rsbac_handbook:appendixes:rsbac_reference:Error Codes]] * [[documentation:coding_practices|Coding practices]] === Miscellaneous === * [[documentation:features|Features list]] * [[documentation:acronyms|Acronyms]] * [[documentation:benchmarks|RSBAC Benchmarks]] ===== The RSBAC Library ===== Here you will find every RSBAC review, talk, and white papers. //Note: the RSBAC books are outdated and not currently being worked on// Please note that a complete set of [[http://books.rsbac.org/|Open Source books]] about RSBAC is under development. //All slides and papers in this section are published under the [[@doc/doclicense-cc-by-sa2.php|CCPL]] licence.// == Tutorials == * [[@doc/media/Security_lab_RSBAC.pdf|MAC course using RSBAC]], Poznan University of Technology (Poland), by Ph.D. Michal Szychowiak, from the Institute of Computing Science. (in polish) * "Rule Set Based Access Control (RSBAC) - Linux Kernel Security Extension" \\ At [[http://www.linux-kongress.org/|Linux Kongress 2004]], Erlangen, 7th to 10th of September 2004. My slides are available in PDF as a [[@doc/media/lk2004-tutorial-handout.pdf|handout ]]. == Talks == * In Polish: Michal Purzynski: "RSBAC - Trust is great, supervising is even better". [[@doc/media/piwo-MPurzynski.pdf|talk slides]] are available in PDF. * In German: Johannes Nicolai: "RSBAC - Who is root anyway"\\ HPI Seminar Betriebssystemdienste und Administration, Sommersemester 2005. The [[@doc/media/hpi2005-handout.pdf|talk slides]] are available in PDF. * "Rule Set Based Access Control (RSBAC) - Securing Linux from the Inside"\\ At [[http://www.sucon.ch/|Sucon '04]], Zurich, 2nd to 4th of September 2004. My talk slides are available in PDF as [[@doc/media/sucon2004-handout.pdf|handout]]. * In German: Rule Set Based Access Control for Linux, [[http://www.cebit.de/|Cebit 2004]]\\ [[http://www.linux-events.de/LinuxPark/cebit04/Vortraege/index2004_html|LinuxForum]], Hannover, 19th of March 2004. My talk slides are available in PDF as [[@doc/media/cebit2004.pdf|presentation]] and [[@doc/media/cebit2003-handout.pdf|handout]]. * In German: Mehr Sicherheit durch RSBAC, [[http://www.cebit.de/|Cebit 2003]]\\ [[http://www.linux-events.de/LinuxPark/cebit/Vortraege|LinuxForum]], Hannover, 14th of March 2003. My talk slides are available in [[@doc/media/cebit2003.pdf|PDF as presentation]] and [[@doc/media/cebit2003-handout.pdf|handout]]. * Short overview and new features of v1.2.0 at [[http://en.openweekend.cz/|OpenWeekend]]\\ Prague, 1st to 2nd of June 2002. My talk slides are available in PDF as [[@doc/media/openweekend/openweekend.pdf|presentation]] and [[@doc/media/openweekend/openweekend-handout.pdf|handout ]]. A picture gallery of the event is available at http://www.blisty.cz/gal.php?id=169. == Papers == * [[@doc/media/rsbac-marek2006.pdf|RSBAC - a framework for enhanced Linux system security]] (Marek Jawurek, RWTH Aachen) * [[@doc/media/rc-nordsec2002/index.html|The Role Compatibility Security Model]] ([[@doc/media/rc-nordsec2002.pdf|PDF]]) (Amon Ott)\\ For the [[http://www.cs.kau.se/nordsec2002/|Nordsec 2002]]: 7th Nordic Workshop on Secure IT Systems, Karlstad, Sweden, 7th to 8th of November 2002. This paper includes the RC design goals and a formal description of the model. * [[@doc/media/rsbac-framework.pdf|"The Rule Set Based Access Control (RSBAC) Framework for Linux (PDF)"]] (Amon Ott, Simone Fischer-Hübner)\\ Karlstad University Studies, 2001:28, ISBN 91-89422-63-5. * [[@doc/media/linux-kongress/index.html|"The Rule Set Based Access Control (RSBAC) Linux Kernel Security Extension]] (Amon Ott)\\ ([[@doc/media/linux-kongress.pdf|PDF]] / [[@doc/media/linux-kongress.ps.zip|zipped PS]])" for the [[http://www.linux-kongress.org/|8th International Linux Kongress]], Enschede, 28th to 30th of November 2001. The slides of my talk are also available as [[@doc/media/lk2001-slides.pdf|PDF]] and [[@doc/media/lk2001-slides.ps.zip|zipped PS]]. Additionally, here is my tutorial handout in [[@doc/media/lk2001-tutorial-handout.pdf|PDF]] and [[@doc/media/lk2001-tutorial-handout.ps.zip|zipped PS]]. * [[@doc/media/unix-nl/|"Rule Set Based Access Control (RSBAC)]] (Amon Ott)\\ ([[@doc/media/unix-nl.pdf|PDF ]] / [[@doc/media/unix-nl-ps.zip|zipped PS]])" for the [[http://www.snow.nl/unix_congres.html|Snow Unix Event / unix.nl]] congress "Reliable Internet", Waardenburg, 14th of September 2001. The slides of my talk are also available as [[@doc/media/unix-nl-slides.pdf|PDF]] and [[@doc/media/unix-nl-slides-ps.zip|zipped PS]]. * [[@doc/media/rc-paper.php|"A Role-Compatibility Model for Secure System Administration"]] (Amon Ott, Simone Fischer-Hübner)\\ (not finished) * [[@doc/media/nordse98.php|"Approaches to Integrated Malware Detection and Avoidance"]] (Amon Ott, Simone Fischer-Hübner, Morton Swimmer)\\ For The Third Nordic Workshop on Secure IT Systems (Nordsec'98) * [[@doc/media/niss98.php|"From a Formal Privacy Model to its Implementation"]] (Simone Fischer-Hübner, Amon Ott)\\ For the National Information Systems Security Conference (NISSC 98) * [[@doc/media/diplarb.pdf|"Rule Set Based Access Control as proposed in the 'Generalized Framework for Access Control' approach in Linux" in PDF]] (German Master Thesis by Amon Ott)\\ Also available as [[@doc/media/diplarb.ps|PS]] and [[@doc/media/dipl-ps.zip|zipped PS]]. The originals [[documentation:user:introduction]] and the [[documentation:user:summary]] are also available in English. ===== Articles ==== These are the published articles about RSBAC in different magazines. == Reverse order == * German [[http://www.linux-magazin.de/|Linux Magazin]] (Amon Ott)\\ [[@doc/media/lm-rsbac2.pdf|"Wink mit dem Zaunpfahl: Die Modelle des Linux-Sicherheitssystems Rule Set Based Access Control (RSBAC)"]], [[http://www.linux-magazin.de/Artikel/ausgabe/2003/04|Linux Magazin 04/2003]]. * English [[http://www.linux-magazine.com/|Linux Magazine]] (Amon Ott)\\ [[@doc/media/lm-rsbac1-english.pdf|Security Architecture: Architecture of Rule Set Based Access Control (RSBAC)]]. This is a translation of the following German article. * German [[http://www.linux-magazin.de/|Linux Magazin]] Amon Ott)\\ [[@doc/media/lm-rsbac1.pdf|"Sicherheitsarchitektur: Die Architektur des Linux-Sicherheitssystems Rule Set Based Access Control (RSBAC)"]], Linux Magazin 01/2003. ===== Documentation on other Servers ===== * [[http://adamantix.org/doc|Adamantix RSBAC]] Official Adamantix RSBAC documentation. * [[http://hardened.gentoo.org/rsbac|Gentoo RSBAC]] Official Gentoo RSBAC documentation. * [[http://www.linux.ru.net/index.php?module=library&action=show&docid=1&part=3|RSBAC for beginners]] RSBAC for beginners (English, Russian and French) * http://sftf.narod.ru/rsbac_howto_myway.txt ===== Old historical docs reachable through archive.org ===== Please take note that this documentation even doesn't exists in their original sites depending in a third party site no related with their original writers, could be old, obsoleted etc. Maintained here by historical reasons * [[http://web.archive.org/web/20120424184235/http://sftf.narod.ru/rsbac_howto_myway.txt| sftf.narod.ru docs archived]] * [[http://web.archive.org/web/20050420215642/http://adamantix.org/doc/ |adamantix.org docs archived]] ===== Dissertation ===== Amon Ott has written his [[@doc/diss/index.php|dissertation]] about the RSBAC framework and the new models within. The [[http://www.shaker.eu/catalogue/Details.asp?ISBN=3-8322-6423-X|book]] is about to be published.