Report Layout

The rest of the report is organized as follows:

• Chapter 3 analyses various security breaches widespread in the Internet environment and traces their causes down to operating system mechanisms that fail to respond to them. This Chapter gives rationale behind the decision to replace DAC with MAC.
• LinSec design is presented, on a rather high level which can be applied to various variants of UNIX, in Chapter 4.
• The actual implementation of the specified design in Linux kernel is explained in Chapter 5. The chapter also describes issues that arose during the implementation due to the attempt to modify some of the core kernel mechanisms and ways in which they were resolved.
• Performance overhead of LinSec was assessed in a series of benchmarks as presented in Chapter 7.
• Because of the LinSec nature, approach taken for testing the implementation differs from standard, prescribed, ways and is put forward in Chapter 6.
• Finally, Chapter 8 concludes the report with a short summary, envisaged future of the project and a retrospective view on the project.