LINUX SECURITY IN PHYSICAL, VIRTUAL AND CLOUD ENVIRONMENTS (CROSBI ID 328024)
Prilog u časopisu | ostalo | međunarodna recenzija
Podaci o odgovornosti
Dakić, Vedran; Jakobović, Karlo; Žgrablić, Luka
engleski
LINUX SECURITY IN PHYSICAL, VIRTUAL AND CLOUD ENVIRONMENTS
This paper will cover some of the available Linux methodologies and tools that can be used to enhance Linux security. It gives the reader some orientation in the world of Linux security. We will define what are the components of security and risk management, followed by device encryption and decryption using LUKS (Linux Unified Key Setup) and NBDE (Network Bound Disk Encryption) and restricting USB access by using USBGuard. The paper then shifts its focus to authentication methods utilizing PAM (Pluggable Authentication Modules), followed by firewalld, system auditing and monitoring file system changes with Audit and AIDE. We also go through ACL and SELinux concepts, ending with resource usage management with cgroups and OpenSCAP for compliance management and explaining the importance of automated compliance enforcing. In the last part, we talk about an overall approach to put all of these principles into operation, significantly impacting security footprint of our Linux-based resources.
LUKS ; NBDE ; USBGuard ; PAM ; SELinux ; OpenSCAP ; risk ; JOSE ; Clevis ; Tang ; compliance, cgroups, firewalld, ACL
nije evidentirano
nije evidentirano
nije evidentirano
nije evidentirano
nije evidentirano
nije evidentirano
Podaci o izdanju
1 (1)
2022.
151-160
objavljeno
1726-9679
2304-1382
10.2507/33rd.daaam.proceedings.021
Trošak objave rada u otvorenom pristupu
Povezanost rada
Interdisciplinarne tehničke znanosti, Računarstvo, Temeljne tehničke znanosti