Naslov
LINUX SECURITY IN PHYSICAL, VIRTUAL AND CLOUD ENVIRONMENTS

Autori
Dakić, Vedran ; Jakobović, Karlo ; Žgrablić, Luka

Vrsta, podvrsta
Radovi u časopisima, znanstveni

Izvornik
Annals of DAAAM for ... & proceedings of the ... International DAAAM Symposium ... (2022)

Status rada
Prihvaćen

Ključne riječi
LUKS ; NBDE ; USBGuard ; PAM ; SELinux ; OpenSCAP ; risk ; JOSE ; Clevis ; Tang ; compliance, cgroups, firewalld, ACL

Sažetak
This paper will cover some of the available Linux methodologies and tools that can be used to enhance Linux security. It gives the reader some orientation in the world of Linux security. We will define what are the components of security and risk management, followed by device encryption and decryption using LUKS (Linux Unified Key Setup) and NBDE (Network Bound Disk Encryption) and restricting USB access by using USBGuard. The paper then shifts its focus to authentication methods utilizing PAM (Pluggable Authentication Modules), followed by firewalld, system auditing and monitoring file system changes with Audit and AIDE. We also go through ACL and SELinux concepts, ending with resource usage management with cgroups and OpenSCAP for compliance management and explaining the importance of automated compliance enforcing. In the last part, we talk about an overall approach to put all of these principles into operation, significantly impacting security footprint of our Linux-based resources.

Izvorni jezik
Engleski

Znanstvena područja
Računarstvo, Temeljne tehničke znanosti, Interdisciplinarne tehničke znanosti

POVEZANOST RADA