Slashdot Mirror

← Back to Stories (view on slashdot.org)

A Windows Alternative to Linux Security Modules?

Posted by ryuzaki0 on from the finely-grained-security dept.

Cliffe asks: "I am a PhD candidate preparing to implement a new security (access control) model. I have been reading about Linux's LSM (which allow security frameworks to be loaded) but I was unable to find documentation for a mechanism in MS Windows which allows every individual application's access to resources to be mediated; for example, to restrict each application's access to particular files or network protocols. Is this type of mediation possible in Windows? Virus scanners and firewalls likely utilize similar capabilities. Where can the documentation be found?"

2 of 54 comments (clear)

  1. that is unrelated by r00t · · Score: 2, Insightful

    Sure, you can create groups. You can do ACLs. You can assign privs.

    None of this gets you a way to plug in a whole new security concept. Suppose that the OS did not support ACLs, but you wanted to add support. That's something that LSM would let you do.

  2. Not a direct answer but... by bourne · · Score: 2, Insightful

    Cisco Security Agent is a close analog to the sort of comprehensive kernel security hooking that something like LIDS does on Linux. If you can do some research to determine how they're doing it, that'll be a start. They hook all sorts of things, from file and network opens to attempts to sniff keystrokes and executing dynamically modified memory.