SlideShare a Scribd company logo

Label based Mandatory Access Control on PostgreSQL

Kohei KaiGai
Kohei KaiGai

slides on PGcon2011

BusinessTechnology
1 of 29
Download to read offline
Label based Mandatory Access Control on PostgreSQL NEC Europe Ltd, SAP Global Competence Center KaiGai Kohei <kohei.kaigai@eu.nec.com>
SE-PostgreSQL got merged in v9.1 NEW! NEW! contrib/sepgsql contrib/sepgsql Page 2 PGcon2011 - Label Based Mandatory Access Control on PostgreSQL
History of development ▐ Sep-2006 Launch development of SE-PostgreSQL based on v8.2.x ▐ Apr-2007 First post to pgsql-hackers, after 2 weeks of feature freeze ▐ Mar-2007 SELinux Symposium 2007 ▐ Nov-2007 METI Japan gave an award due to SE-PostgreSQL ▐ May-2008 PGcon2008 – SE-PostgreSQL ▐ Jul-2008 Development Cycle for v8.4 Too large to review ▐ Jul-2009 Development Cycle for v9.0 Steps to consensus up to the current design ▐ May-2010 PostgreSQL Developer Summit ▐ Sep-2010 SECURITY LABEL statement got merged ▐ Jan-2011 contrib/sepgsql got merged ▐ May-2011 PGcon2011 – Label based MAC on PostgreSQL ▐ Jun-2011 1st Commit Fest of v9.2 development cycle Page 3 PGcon2011 - Label Based Mandatory Access Control on PostgreSQL
Today’s Agenda ▐ Overview of label based MAC ▐ New features in v9.1 ▐ Our challenges to v9.2 Page 4 PGcon2011 - Label Based Mandatory Access Control on PostgreSQL
Characteristics of MAC DAC (discretionary access control) : Owner decide access control rules read determine access read? control rules rwx rwx create rwx rwx Data Data MAC (mandatory access control) : A centralized security policy decides access control rules read read? confidential confidential confidential create confidential Data Data security security policy server determine access control rules Page 5 PGcon2011 - Label Based Mandatory Access Control on PostgreSQL
Data Flow Control confidential unconfidential file with file with read write read write file with file with conffidential conffidential unconfidential unconfidential access control ▐ Keep confidential data in confidential domain No Read-Up No Write-Down (Only same level) Restriction to malicious internals ▐ Background TCSEC (Orange book; 1983) ISO/IEC15408 (CC: Common Criteria) Page 6 PGcon2011 - Label Based Mandatory Access Control on PostgreSQL
Reference Monitor Concept Reference Query & Monitor Decision making Data Object Request Access Allowed Control User Denied Error Information Information Asset Asset Object Manager ▐ A module that suggests its access control decision ▐ Three characteristics Always invoked Tamperproof Small enough ▐ SELinux performs as reference monitor in Linux kernel Page 7 PGcon2011 - Label Based Mandatory Access Control on PostgreSQL
Analogy in Linux and PostgreSQL system Filesystem LSM call permission Filesystem Security Security DAC MAC Server Policy SELinux SQL Database sepgsql ACL PostgreSQL SELinux SE-PostgreSQL Object manager Filesystem PostgreSQL Objects being referenced file, directory, device file, ... Schema, Table, Function, ... Way to request accesses System call SQL DAC Filesystem permission Database ACL MAC LSM & SELinux sepgsql & SELinux Page 8 PGcon2011 - Label Based Mandatory Access Control on PostgreSQL
Decision making of SELinux (1/2) ▐ Access control logic like a function •• Filesystem Permission Filesystem Permission •• Database ACL Database ACL •• SELinux SELinux •• others…? others…? Subject Allowed Access Control Object Logic Denied Action Decision Decision Input Output read, write, read, write, select, … select, … •• Owner ID Owner ID •• Permission Bits Permission Bits •• User/Group ID User/Group ID •• ACL ACL •• Superuser Priv Superuser Priv •• Security Label Security Label •• Security Label Security Label Page 9 PGcon2011 - Label Based Mandatory Access Control on PostgreSQL
Decision making of SELinux (2/2) ▐ The way to identify Subject/Object Path name? Owner ID? Security Label ▐ Security Label as a universal way for identification Example) system_u:system_r:postgresql_t:s0 system_u:object_r:sepgsql_ro_table_t:s0 ▐ Example of security policy allow staff_t sepgsql_ro_table_t : db_table { select }; 3rd item of the label being referenced 3rd item of the label being referencing Permission set being allowed SELinux uses white-list criteria. SELinux community provides general set of rules in default. Page 10 PGcon2011 - Label Based Mandatory Access Control on PostgreSQL
OT: source code of the default security policy Part of the “policy/modules/services/postgresql.te” at the default security policy policy_module(postgresql, 1.12.1) : type sepgsql_schema_t; postgresql_schema_object(sepgsql_schema_t) : type sepgsql_table_t; postgresql_table_object(sepgsql_table_t) : allow sepgsql_admin_type sepgsql_schema_type: db_schema { create drop getattr setattr relabelfrom relabelto search add_name remove_name }; allow sepgsql_client_type sepgsql_schema_t:db_schema { getattr search }; : allow sepgsql_admin_type sepgsql_table_type: db_table { create drop getattr setattr relabelfrom relabelto lock }; allow sepgsql_admin_type sepgsql_table_type: db_column { create drop getattr setattr relabelfrom relabelto }; : allow sepgsql_client_type sepgsql_table_t:db_table { getattr select update insert delete lock }; allow sepgsql_client_type sepgsql_table_t:db_column { getattr use select update insert }; Page 11 PGcon2011 - Label Based Mandatory Access Control on PostgreSQL
System-wide consistency in Access control Human user a centralized security server Human user Security Policy SELinux Login Access control Login bash bash vi Filesystem vi Networks psql psql classified unclassified information information X-window PostgreSQL domain of inter process domain of classified processes communication channels unclassified processes Page 12 PGcon2011 - Label Based Mandatory Access Control on PostgreSQL
Today’s Agenda ▐ Overview of label based MAC ▐ New features in v9.1 ▐ Our challenges to v9.2 Page 13 PGcon2011 - Label Based Mandatory Access Control on PostgreSQL
Features needed to support Label based MAC ▐ Security Label mechanism to associate a short text with a particular database object something like xattr in filesystem cases ▐ Security Hook mechanism to acquire control on strategic points of the code something like LSM in Linux kernel cases ▐ Intermediation with SELinux mechanism to deliver a pair of security labels into SELinux in kernel, and prevents violated accesses according to its decision Page 14 PGcon2011 - Label Based Mandatory Access Control on PostgreSQL
v9.1 New Features (1/3) – SECURITY LABEL SECURITY LABEL ON TABLE my_example FOR ‘selinux’ IS ‘system_u:object_r:sepgsql_ro_table_t:s0’; pg_seclabel system catalog classid objid subid provider label 2345 16384 0 ‘selinux’ ‘system_u:object_r:sepgsql_ro_table_t:s0’ Security Label Provider validation validation (module) check check ▐ Overview It enables to assign a text identifier of database objects. It allows security modules to reference security label of a particular object. ▐ Limitations Shared database objects are not supported, right now. Tuples in user-defined tables are not supported, right now. Page 15 PGcon2011 - Label Based Mandatory Access Control on PostgreSQL
OT: Labeled Networking staff_u:staff_r:staff_t:s0 getpeercon(3) getpeercon(3) SE-PgSQL IKE IKE Daemon Daemon user process Labeled IPsec connection PostgreSQL Authentication Hook ▐ Labeled Networking SELinux provides getpeercon(3) to get security label of the peer process. Kernel & IKE daemon were enhanced to exchange security labels. • supported on kernel-2.6.18 or later, ipsec-tools 0.72 or later ▐ Usecase in SE-PostgreSQL It obtains security label of the peer process on the authentication hook. Peer security label is applied to subject’s label on access control decision. Page 16 PGcon2011 - Label Based Mandatory Access Control on PostgreSQL
v9.1 New Features (2/3) – Object Access Hooks DefineRelation() { 3rd Party modules : CREATE TABLE heap_create_with_catalog() sepgsql.so sepgsql.so sepgsql.so : •• compute a default to check permission to (*object_access_hook) • check permission securitya new table create label, and (OAT_POST_CREATE, ...); assign it a new table of create on the new •• assign security label of : table. security label assign the new table } the new table ▐ Overview It enables 3rd party modules to acquire control on strategic points of the code. E.g) Just after creation of the object for default labeling. The object_access_hook informs event type and object identifiers. ▐ Limitations Only OAT_POST_CREATE event type is supported, right now. May need OAT_CREATE, OAT_ALTER, ... Only object identifiers are informed via this hook, right now. Page 17 PGcon2011 - Label Based Mandatory Access Control on PostgreSQL
v9.1 New Features (3/3) – contrib/sepgsql Client auth hook • Event Type • Object IDs Subject security label Query Hook invocation Required access policy Object security label Answer pg_seclabel contrib/sepgsql SELinux ▐ Overview It performs as intermediation between PostgreSQL and SELinux • PostgreSQL ... user Id, object Id, • SELinux ... security label, object class and permission ▐ Limitations only DML permissions are checked, right now default security labels on schemas, tables, columns and procedures Page 18 PGcon2011 - Label Based Mandatory Access Control on PostgreSQL
Today’s Agenda ▐ Overview of label based MAC ▐ New features in v9.1 ▐ Our challenges to v9.2 Page 19 PGcon2011 - Label Based Mandatory Access Control on PostgreSQL
Limitation in v9.1, and Challenges to v9.2 ▐ Frequent system-call invocations Add access control decision cache ▐ No security label on shared obejct Add pg_shseclabel catalog, and extend SECURITY LABEL ▐ No DDL Permission checks Extend object_access_hook to take arguments Put object_access_hook around existing DDL checks ▐ Row-level access control Fix leaky VIEWs problem Extend security label on user-defined tables Page 20 PGcon2011 - Label Based Mandatory Access Control on PostgreSQL
v9.2 challenges (1/3) – Userspace access vector cache PostgreSQL contrib/sepgsql.so read-only mmap(2) read-only mmap(2) Status Page userspace # of loaded access vector invoke cache security (uavc) policy hooks access control SELinux logic (Linux kernel) ▐ Overview uavc keeps access control decision recently used; that allows to reduce number of system call invocations. ▐ Challenges Cache invalidation on security policy reloaded on kernel-side Linux 2.6.38 already support selinux status page. Page 21 PGcon2011 - Label Based Mandatory Access Control on PostgreSQL
v9.2 challenges (2/3) – DDL Permissions postgres=# ALTER TABLE drink OWNER TO ymj; LOG: SELinux: denied { setattr } ¥ scontext=unconfined_u:unconfined_r:unconfined_t:s0 ¥ tcontext=system_u:object_r:sepgsql_table_t:s0:c0 ¥ tclass=db_table name=drink ERROR: SELinux: security policy violation ▐ Overview It allows to check permissions on DDL commands also. ▐ Challenges Larger number of strategic points than DML support object_access_hook with additional arguments Page 22 PGcon2011 - Label Based Mandatory Access Control on PostgreSQL
v9.2 challenges (3/3) – Row-level security postgres=# SELECT security_label, * FROM drink; security_label | id | name | price -----------------------------------------+----+-------+------- system_u:object_r:sepgsql_table_t:s0 | 1 | coke | 150 system_u:object_r:sepgsql_table_t:s0 | 2 | fanta | 130 system_u:object_r:sepgsql_table_t:s0:c0 | 3 | beer | 200 system_u:object_r:sepgsql_table_t:s0:c1 | 4 | sake | 240 system_u:object_r:sepgsql_table_t:s0:c2 | 5 | juice | 180 (5 rows) ▐ Overview Filter out rows based on security policy and labels of individual tuples ▐ Challenges Fix the problem known as Leaky-VIEWs Security label support for user-defined tables Query rewriter to append security-policy function Interaction with system catalog Page 23 PGcon2011 - Label Based Mandatory Access Control on PostgreSQL
Future Vision (1/2) – Role based access control Only DDL, Only DDL, DML not allowed DML not allowed SQL with SQL with confined privileges Database confined privileges Administrator Execute Execute internet Backup SE-PostgreSQL System Log pg_dump/pg_restore Administrator customer Log File Page 24 PGcon2011 - Label Based Mandatory Access Control on PostgreSQL
Future Vision (2/2) – Secure multi-tenancy Filesystem Shared Database Resource Filesystem Filesystem Filesystem Database Database Database http://www.blue.com/ http://www.red.com/ http://www.green.com/ blue red green SELinux performs as a logical-wall between security domains. Page 25 PGcon2011 - Label Based Mandatory Access Control on PostgreSQL
Summary ▐ Overview of MAC Data flow control and Reference monitor concept SE-PostgreSQL enables to deploy RDBMS within DFC scheme. ▐ Features in v9.1 SECURITY LABEL Object access hooks contrib/sepgsql ▐ Challenges to v9.2 Userspace access vector cache DDL Permissions Row-level access control Page 26 PGcon2011 - Label Based Mandatory Access Control on PostgreSQL
Any Questions?
Thank you!
Label based Mandatory Access Control on PostgreSQL

Recommended

Security Enhanced PostgreSQL - System-wide consistency in access control
Security Enhanced PostgreSQL - System-wide consistency in access controlSecurity Enhanced PostgreSQL - System-wide consistency in access control
Security Enhanced PostgreSQL - System-wide consistency in access controlKohei KaiGai
 
Best Practices in Security with PostgreSQL
Best Practices in Security with PostgreSQLBest Practices in Security with PostgreSQL
Best Practices in Security with PostgreSQLEDB
 
Interpreter, Compiler, JIT from scratch
Interpreter, Compiler, JIT from scratchInterpreter, Compiler, JIT from scratch
Interpreter, Compiler, JIT from scratchNational Cheng Kung University
 
PostgreSql query planning and tuning
PostgreSql query planning and tuningPostgreSql query planning and tuning
PostgreSql query planning and tuningFederico Campoli
 
DDoS Engelleme Ürünleri
DDoS Engelleme ÜrünleriDDoS Engelleme Ürünleri
DDoS Engelleme ÜrünleriBGA Cyber Security
 
Make static instrumentation great again, High performance fuzzing for Windows...
Make static instrumentation great again, High performance fuzzing for Windows...Make static instrumentation great again, High performance fuzzing for Windows...
Make static instrumentation great again, High performance fuzzing for Windows...Lucas Leong
 
Understanding "Red Forest" - The 3-Tier ESAE and Alternative Ways to Protect ...
Understanding "Red Forest" - The 3-Tier ESAE and Alternative Ways to Protect ...Understanding "Red Forest" - The 3-Tier ESAE and Alternative Ways to Protect ...
Understanding "Red Forest" - The 3-Tier ESAE and Alternative Ways to Protect ...Quest
 
Learning postgresql
Learning postgresqlLearning postgresql
Learning postgresqlDAVID RAUDALES
 

Recommended

Security Enhanced PostgreSQL - System-wide consistency in access control
Security Enhanced PostgreSQL - System-wide consistency in access controlSecurity Enhanced PostgreSQL - System-wide consistency in access control
Security Enhanced PostgreSQL - System-wide consistency in access controlKohei KaiGai
 
Best Practices in Security with PostgreSQL
Best Practices in Security with PostgreSQLBest Practices in Security with PostgreSQL
Best Practices in Security with PostgreSQLEDB
 
Interpreter, Compiler, JIT from scratch
Interpreter, Compiler, JIT from scratchInterpreter, Compiler, JIT from scratch
Interpreter, Compiler, JIT from scratchNational Cheng Kung University
 
PostgreSql query planning and tuning
PostgreSql query planning and tuningPostgreSql query planning and tuning
PostgreSql query planning and tuningFederico Campoli
 
DDoS Engelleme Ürünleri
DDoS Engelleme ÜrünleriDDoS Engelleme Ürünleri
DDoS Engelleme ÜrünleriBGA Cyber Security
 
Make static instrumentation great again, High performance fuzzing for Windows...
Make static instrumentation great again, High performance fuzzing for Windows...Make static instrumentation great again, High performance fuzzing for Windows...
Make static instrumentation great again, High performance fuzzing for Windows...Lucas Leong
 
Understanding "Red Forest" - The 3-Tier ESAE and Alternative Ways to Protect ...
Understanding "Red Forest" - The 3-Tier ESAE and Alternative Ways to Protect ...Understanding "Red Forest" - The 3-Tier ESAE and Alternative Ways to Protect ...
Understanding "Red Forest" - The 3-Tier ESAE and Alternative Ways to Protect ...Quest
 
Learning postgresql
Learning postgresqlLearning postgresql
Learning postgresqlDAVID RAUDALES
 
Git and github 101
Git and github 101Git and github 101
Git and github 101Senthilkumar Gopal
 
GitLab.pptx
GitLab.pptxGitLab.pptx
GitLab.pptxLeoulZewelde1
 
Comandos tivoli storage manager
Comandos tivoli storage manager Comandos tivoli storage manager
Comandos tivoli storage manager Wilbert Fernando Alvarez Tirado
 
Understanding PostgreSQL LW Locks
Understanding PostgreSQL LW LocksUnderstanding PostgreSQL LW Locks
Understanding PostgreSQL LW LocksJignesh Shah
 
Mastering PostgreSQL Administration
Mastering PostgreSQL AdministrationMastering PostgreSQL Administration
Mastering PostgreSQL AdministrationEDB
 
BTRisk Zararlı Yazılım Analizi Eğitimi Sunumu - Bölüm 2
BTRisk Zararlı Yazılım Analizi Eğitimi Sunumu - Bölüm 2BTRisk Zararlı Yazılım Analizi Eğitimi Sunumu - Bölüm 2
BTRisk Zararlı Yazılım Analizi Eğitimi Sunumu - Bölüm 2BTRisk Bilgi Güvenliği ve BT Yönetişim Hizmetleri
 
PostgreSQL Administration for System Administrators
PostgreSQL Administration for System AdministratorsPostgreSQL Administration for System Administrators
PostgreSQL Administration for System AdministratorsCommand Prompt., Inc
 
ProxySQL on Kubernetes
ProxySQL on KubernetesProxySQL on Kubernetes
ProxySQL on KubernetesRené Cannaò
 
CloudNativePGを動かしてみた! ~PostgreSQL on Kubernetes~(第34回PostgreSQLアンカンファレンス@オンライ...
CloudNativePGを動かしてみた! ~PostgreSQL on Kubernetes~(第34回PostgreSQLアンカンファレンス@オンライ...CloudNativePGを動かしてみた! ~PostgreSQL on Kubernetes~(第34回PostgreSQLアンカンファレンス@オンライ...
CloudNativePGを動かしてみた! ~PostgreSQL on Kubernetes~(第34回PostgreSQLアンカンファレンス@オンライ...NTT DATA Technology & Innovation
 
Spring 12年の歴史
Spring 12年の歴史Spring 12年の歴史
Spring 12年の歴史movmov
 
MinIO January 2020 Briefing
MinIO January 2020 BriefingMinIO January 2020 Briefing
MinIO January 2020 BriefingJonathan Symonds
 
PostgreSQL Performance Tuning
PostgreSQL Performance TuningPostgreSQL Performance Tuning
PostgreSQL Performance Tuningelliando dias
 
PostgreSQL
PostgreSQLPostgreSQL
PostgreSQLAmazon Web Services
 
CloudFront経由でのCORS利用
CloudFront経由でのCORS利用CloudFront経由でのCORS利用
CloudFront経由でのCORS利用Yuta Imai
 
PostgreSQLでpg_bigmを使って日本語全文検索 (MySQLとPostgreSQLの日本語全文検索勉強会 発表資料)
PostgreSQLでpg_bigmを使って日本語全文検索 (MySQLとPostgreSQLの日本語全文検索勉強会 発表資料)PostgreSQLでpg_bigmを使って日本語全文検索 (MySQLとPostgreSQLの日本語全文検索勉強会 発表資料)
PostgreSQLでpg_bigmを使って日本語全文検索 (MySQLとPostgreSQLの日本語全文検索勉強会 発表資料)NTT DATA OSS Professional Services
 
Hadoop Compatible File Systems 2019 (db tech showcase 2019 Tokyo講演資料、2019/09/25)
Hadoop Compatible File Systems 2019 (db tech showcase 2019 Tokyo講演資料、2019/09/25)Hadoop Compatible File Systems 2019 (db tech showcase 2019 Tokyo講演資料、2019/09/25)
Hadoop Compatible File Systems 2019 (db tech showcase 2019 Tokyo講演資料、2019/09/25)NTT DATA Technology & Innovation
 
SELinux for Everyday Users
SELinux for Everyday UsersSELinux for Everyday Users
SELinux for Everyday UsersPaulWay
 
Transparent Data Encryption in PostgreSQL
Transparent Data Encryption in PostgreSQLTransparent Data Encryption in PostgreSQL
Transparent Data Encryption in PostgreSQLMasahiko Sawada
 
Continuous Integration and Kamailio
Continuous Integration and KamailioContinuous Integration and Kamailio
Continuous Integration and KamailioGiacomo Vacca
 
企業システムにSELinuxを適用するときの検討事項
企業システムにSELinuxを適用するときの検討事項企業システムにSELinuxを適用するときの検討事項
企業システムにSELinuxを適用するときの検討事項Atsushi Mitsu
 
Date security security principles
Date security security principlesDate security security principles
Date security security principlesLeo Mark Villar
 
Adding Extended Attribute Support to NFS
Adding Extended Attribute Support to NFSAdding Extended Attribute Support to NFS
Adding Extended Attribute Support to NFSJames Morris
 

More Related Content

What's hot

Understanding PostgreSQL LW Locks
Understanding PostgreSQL LW LocksUnderstanding PostgreSQL LW Locks
Understanding PostgreSQL LW LocksJignesh Shah
 
Mastering PostgreSQL Administration
Mastering PostgreSQL AdministrationMastering PostgreSQL Administration
Mastering PostgreSQL AdministrationEDB
 
PostgreSQL Administration for System Administrators
PostgreSQL Administration for System AdministratorsPostgreSQL Administration for System Administrators
PostgreSQL Administration for System AdministratorsCommand Prompt., Inc
 
ProxySQL on Kubernetes
ProxySQL on KubernetesProxySQL on Kubernetes
ProxySQL on KubernetesRené Cannaò
 
CloudNativePGを動かしてみた! ~PostgreSQL on Kubernetes~(第34回PostgreSQLアンカンファレンス@オンライ...
CloudNativePGを動かしてみた! ~PostgreSQL on Kubernetes~(第34回PostgreSQLアンカンファレンス@オンライ...CloudNativePGを動かしてみた! ~PostgreSQL on Kubernetes~(第34回PostgreSQLアンカンファレンス@オンライ...
CloudNativePGを動かしてみた! ~PostgreSQL on Kubernetes~(第34回PostgreSQLアンカンファレンス@オンライ...NTT DATA Technology & Innovation
 
Spring 12年の歴史
Spring 12年の歴史Spring 12年の歴史
Spring 12年の歴史movmov
 
MinIO January 2020 Briefing
MinIO January 2020 BriefingMinIO January 2020 Briefing
MinIO January 2020 BriefingJonathan Symonds
 
PostgreSQL Performance Tuning
PostgreSQL Performance TuningPostgreSQL Performance Tuning
PostgreSQL Performance Tuningelliando dias
 
CloudFront経由でのCORS利用
CloudFront経由でのCORS利用CloudFront経由でのCORS利用
CloudFront経由でのCORS利用Yuta Imai
 
PostgreSQLでpg_bigmを使って日本語全文検索 (MySQLとPostgreSQLの日本語全文検索勉強会 発表資料)
PostgreSQLでpg_bigmを使って日本語全文検索 (MySQLとPostgreSQLの日本語全文検索勉強会 発表資料)PostgreSQLでpg_bigmを使って日本語全文検索 (MySQLとPostgreSQLの日本語全文検索勉強会 発表資料)
PostgreSQLでpg_bigmを使って日本語全文検索 (MySQLとPostgreSQLの日本語全文検索勉強会 発表資料)NTT DATA OSS Professional Services
 
Hadoop Compatible File Systems 2019 (db tech showcase 2019 Tokyo講演資料、2019/09/25)
Hadoop Compatible File Systems 2019 (db tech showcase 2019 Tokyo講演資料、2019/09/25)Hadoop Compatible File Systems 2019 (db tech showcase 2019 Tokyo講演資料、2019/09/25)
Hadoop Compatible File Systems 2019 (db tech showcase 2019 Tokyo講演資料、2019/09/25)NTT DATA Technology & Innovation
 
SELinux for Everyday Users
SELinux for Everyday UsersSELinux for Everyday Users
SELinux for Everyday UsersPaulWay
 
Transparent Data Encryption in PostgreSQL
Transparent Data Encryption in PostgreSQLTransparent Data Encryption in PostgreSQL
Transparent Data Encryption in PostgreSQLMasahiko Sawada
 
Continuous Integration and Kamailio
Continuous Integration and KamailioContinuous Integration and Kamailio
Continuous Integration and KamailioGiacomo Vacca
 
企業システムにSELinuxを適用するときの検討事項
企業システムにSELinuxを適用するときの検討事項企業システムにSELinuxを適用するときの検討事項
企業システムにSELinuxを適用するときの検討事項Atsushi Mitsu
 

What's hot (20)

Git and github 101
Git and github 101Git and github 101
Git and github 101
 
GitLab.pptx
GitLab.pptxGitLab.pptx
GitLab.pptx
 
Comandos tivoli storage manager
Comandos tivoli storage manager Comandos tivoli storage manager
Comandos tivoli storage manager
 
Understanding PostgreSQL LW Locks
Understanding PostgreSQL LW LocksUnderstanding PostgreSQL LW Locks
Understanding PostgreSQL LW Locks
 
Mastering PostgreSQL Administration
Mastering PostgreSQL AdministrationMastering PostgreSQL Administration
Mastering PostgreSQL Administration
 
BTRisk Zararlı Yazılım Analizi Eğitimi Sunumu - Bölüm 2
BTRisk Zararlı Yazılım Analizi Eğitimi Sunumu - Bölüm 2BTRisk Zararlı Yazılım Analizi Eğitimi Sunumu - Bölüm 2
BTRisk Zararlı Yazılım Analizi Eğitimi Sunumu - Bölüm 2
 
PostgreSQL Administration for System Administrators
PostgreSQL Administration for System AdministratorsPostgreSQL Administration for System Administrators
PostgreSQL Administration for System Administrators
 
ProxySQL on Kubernetes
ProxySQL on KubernetesProxySQL on Kubernetes
ProxySQL on Kubernetes
 
CloudNativePGを動かしてみた! ~PostgreSQL on Kubernetes~(第34回PostgreSQLアンカンファレンス@オンライ...
CloudNativePGを動かしてみた! ~PostgreSQL on Kubernetes~(第34回PostgreSQLアンカンファレンス@オンライ...CloudNativePGを動かしてみた! ~PostgreSQL on Kubernetes~(第34回PostgreSQLアンカンファレンス@オンライ...
CloudNativePGを動かしてみた! ~PostgreSQL on Kubernetes~(第34回PostgreSQLアンカンファレンス@オンライ...
 
Spring 12年の歴史
Spring 12年の歴史Spring 12年の歴史
Spring 12年の歴史
 
MinIO January 2020 Briefing
MinIO January 2020 BriefingMinIO January 2020 Briefing
MinIO January 2020 Briefing
 
PostgreSQL Performance Tuning
PostgreSQL Performance TuningPostgreSQL Performance Tuning
PostgreSQL Performance Tuning
 
PostgreSQL
PostgreSQLPostgreSQL
PostgreSQL
 
CloudFront経由でのCORS利用
CloudFront経由でのCORS利用CloudFront経由でのCORS利用
CloudFront経由でのCORS利用
 
PostgreSQLでpg_bigmを使って日本語全文検索 (MySQLとPostgreSQLの日本語全文検索勉強会 発表資料)
PostgreSQLでpg_bigmを使って日本語全文検索 (MySQLとPostgreSQLの日本語全文検索勉強会 発表資料)PostgreSQLでpg_bigmを使って日本語全文検索 (MySQLとPostgreSQLの日本語全文検索勉強会 発表資料)
PostgreSQLでpg_bigmを使って日本語全文検索 (MySQLとPostgreSQLの日本語全文検索勉強会 発表資料)
 
Hadoop Compatible File Systems 2019 (db tech showcase 2019 Tokyo講演資料、2019/09/25)
Hadoop Compatible File Systems 2019 (db tech showcase 2019 Tokyo講演資料、2019/09/25)Hadoop Compatible File Systems 2019 (db tech showcase 2019 Tokyo講演資料、2019/09/25)
Hadoop Compatible File Systems 2019 (db tech showcase 2019 Tokyo講演資料、2019/09/25)
 
SELinux for Everyday Users
SELinux for Everyday UsersSELinux for Everyday Users
SELinux for Everyday Users
 
Transparent Data Encryption in PostgreSQL
Transparent Data Encryption in PostgreSQLTransparent Data Encryption in PostgreSQL
Transparent Data Encryption in PostgreSQL
 
Continuous Integration and Kamailio
Continuous Integration and KamailioContinuous Integration and Kamailio
Continuous Integration and Kamailio
 
企業システムにSELinuxを適用するときの検討事項
企業システムにSELinuxを適用するときの検討事項企業システムにSELinuxを適用するときの検討事項
企業システムにSELinuxを適用するときの検討事項
 

Viewers also liked

Date security security principles
Date security security principlesDate security security principles
Date security security principlesLeo Mark Villar
 
Adding Extended Attribute Support to NFS
Adding Extended Attribute Support to NFSAdding Extended Attribute Support to NFS
Adding Extended Attribute Support to NFSJames Morris
 
MR201406 A Re-introduction to SELinux
MR201406 A Re-introduction to SELinuxMR201406 A Re-introduction to SELinux
MR201406 A Re-introduction to SELinuxFFRI, Inc.
 
[INFOREVER] 시큐리티 프레임웍 #6
[INFOREVER] 시큐리티 프레임웍 #6 [INFOREVER] 시큐리티 프레임웍 #6
[INFOREVER] 시큐리티 프레임웍 #6 skccsocial
 
Open splice dds security
Open splice dds securityOpen splice dds security
Open splice dds securityRamzi Karoui
 
Multi-tenancy with Rails
Multi-tenancy with RailsMulti-tenancy with Rails
Multi-tenancy with RailsPaul Gallagher
 
Access Control for Linked Data: Past, Present and Future
Access Control for Linked Data: Past, Present and FutureAccess Control for Linked Data: Past, Present and Future
Access Control for Linked Data: Past, Present and FutureSabrina Kirrane
 
Docker - container and lightweight virtualization
Docker - container and lightweight virtualization Docker - container and lightweight virtualization
Docker - container and lightweight virtualization Sim Janghoon
 
120515 security framework2.20
120515 security framework2.20120515 security framework2.20
120515 security framework2.20skccsocial
 
Best Practices for Becoming an Exceptional Postgres DBA
Best Practices for Becoming an Exceptional Postgres DBA Best Practices for Becoming an Exceptional Postgres DBA
Best Practices for Becoming an Exceptional Postgres DBA EDB
 
Sua 정보보호관리체계 최종_강의교안
Sua 정보보호관리체계 최종_강의교안Sua 정보보호관리체계 최종_강의교안
Sua 정보보호관리체계 최종_강의교안Lee Chanwoo
 
Access Control Presentation
Access Control PresentationAccess Control Presentation
Access Control PresentationWajahat Rajab
 
OpenSplice Security Module
OpenSplice Security ModuleOpenSplice Security Module
OpenSplice Security ModuleAngelo Corsaro
 
Understanding SELinux For the Win
Understanding SELinux For the WinUnderstanding SELinux For the Win
Understanding SELinux For the Winbmbouter
 

Viewers also liked (16)

Date security security principles
Date security security principlesDate security security principles
Date security security principles
 
Adding Extended Attribute Support to NFS
Adding Extended Attribute Support to NFSAdding Extended Attribute Support to NFS
Adding Extended Attribute Support to NFS
 
MR201406 A Re-introduction to SELinux
MR201406 A Re-introduction to SELinuxMR201406 A Re-introduction to SELinux
MR201406 A Re-introduction to SELinux
 
[INFOREVER] 시큐리티 프레임웍 #6
[INFOREVER] 시큐리티 프레임웍 #6 [INFOREVER] 시큐리티 프레임웍 #6
[INFOREVER] 시큐리티 프레임웍 #6
 
Open splice dds security
Open splice dds securityOpen splice dds security
Open splice dds security
 
Week3 lecture
Week3 lectureWeek3 lecture
Week3 lecture
 
Multi tenancy with PostgreSQL
Multi tenancy with PostgreSQLMulti tenancy with PostgreSQL
Multi tenancy with PostgreSQL
 
Multi-tenancy with Rails
Multi-tenancy with RailsMulti-tenancy with Rails
Multi-tenancy with Rails
 
Access Control for Linked Data: Past, Present and Future
Access Control for Linked Data: Past, Present and FutureAccess Control for Linked Data: Past, Present and Future
Access Control for Linked Data: Past, Present and Future
 
Docker - container and lightweight virtualization
Docker - container and lightweight virtualization Docker - container and lightweight virtualization
Docker - container and lightweight virtualization
 
120515 security framework2.20
120515 security framework2.20120515 security framework2.20
120515 security framework2.20
 
Best Practices for Becoming an Exceptional Postgres DBA
Best Practices for Becoming an Exceptional Postgres DBA Best Practices for Becoming an Exceptional Postgres DBA
Best Practices for Becoming an Exceptional Postgres DBA
 
Sua 정보보호관리체계 최종_강의교안
Sua 정보보호관리체계 최종_강의교안Sua 정보보호관리체계 최종_강의교안
Sua 정보보호관리체계 최종_강의교안
 
Access Control Presentation
Access Control PresentationAccess Control Presentation
Access Control Presentation
 
OpenSplice Security Module
OpenSplice Security ModuleOpenSplice Security Module
OpenSplice Security Module
 
Understanding SELinux For the Win
Understanding SELinux For the WinUnderstanding SELinux For the Win
Understanding SELinux For the Win
 

Similar to Label based Mandatory Access Control on PostgreSQL

The Security-Enhanced PostgreSQL - "system wide" consistency in access control
The Security-Enhanced PostgreSQL - "system wide" consistency in access controlThe Security-Enhanced PostgreSQL - "system wide" consistency in access control
The Security-Enhanced PostgreSQL - "system wide" consistency in access controlKohei KaiGai
 
LAPP/SELinux - A secure web application stack using SE-PostgreSQL
LAPP/SELinux - A secure web application stack using SE-PostgreSQLLAPP/SELinux - A secure web application stack using SE-PostgreSQL
LAPP/SELinux - A secure web application stack using SE-PostgreSQLKohei KaiGai
 
SE-PostgreSQL - System wide consistency of access control
SE-PostgreSQL - System wide consistency of access controlSE-PostgreSQL - System wide consistency of access control
SE-PostgreSQL - System wide consistency of access controlKohei KaiGai
 
Getting Memcached Secure
Getting Memcached SecureGetting Memcached Secure
Getting Memcached SecureKohei KaiGai
 
LAPP/SELinux - A secure web application stack powered by SELinux
LAPP/SELinux - A secure web application stack powered by SELinuxLAPP/SELinux - A secure web application stack powered by SELinux
LAPP/SELinux - A secure web application stack powered by SELinuxKohei KaiGai
 
Cybersecurity exchange briefing oct 2012 v2
Cybersecurity exchange briefing oct 2012 v2Cybersecurity exchange briefing oct 2012 v2
Cybersecurity exchange briefing oct 2012 v2Naba Barkakati
 
Windows server 2012 security Webinar
Windows server 2012 security WebinarWindows server 2012 security Webinar
Windows server 2012 security WebinarThe eCore Group
 
Fedramp developing-system-security-plan-slides
Fedramp developing-system-security-plan-slidesFedramp developing-system-security-plan-slides
Fedramp developing-system-security-plan-slidesTuan Phan
 
SANS Institute Product Review: Oracle Entitlements Server
SANS Institute Product Review: Oracle Entitlements ServerSANS Institute Product Review: Oracle Entitlements Server
SANS Institute Product Review: Oracle Entitlements ServerOracleIDM
 
Ved du, hvor dine data er - og hvem, der har adgang til dem? Ron Ben Natan, I...
Ved du, hvor dine data er - og hvem, der har adgang til dem? Ron Ben Natan, I...Ved du, hvor dine data er - og hvem, der har adgang til dem? Ron Ben Natan, I...
Ved du, hvor dine data er - og hvem, der har adgang til dem? Ron Ben Natan, I...IBM Danmark
 
Windows Server 2008 Security Overview Short
Windows Server 2008 Security Overview ShortWindows Server 2008 Security Overview Short
Windows Server 2008 Security Overview ShortEduardo Castro
 
Windows Server 2008 Security Overview Short
Windows Server 2008 Security Overview ShortWindows Server 2008 Security Overview Short
Windows Server 2008 Security Overview ShortEduardo Castro
 
HTLV - DSS @Vilnius 2010
HTLV - DSS @Vilnius 2010HTLV - DSS @Vilnius 2010
HTLV - DSS @Vilnius 2010Andris Soroka
 
Nagios Conference 2012 - Andreas Ericsson - Merlin
Nagios Conference 2012 - Andreas Ericsson - MerlinNagios Conference 2012 - Andreas Ericsson - Merlin
Nagios Conference 2012 - Andreas Ericsson - MerlinNagios
 
Configuration management benefits for everyone - Rudder @ FLOSSUK Spring Conf...
Configuration management benefits for everyone - Rudder @ FLOSSUK Spring Conf...Configuration management benefits for everyone - Rudder @ FLOSSUK Spring Conf...
Configuration management benefits for everyone - Rudder @ FLOSSUK Spring Conf...RUDDER
 
Rudder - Configuration management benefits for everyone (FOSDEM 2012)
Rudder - Configuration management benefits for everyone (FOSDEM 2012)Rudder - Configuration management benefits for everyone (FOSDEM 2012)
Rudder - Configuration management benefits for everyone (FOSDEM 2012)RUDDER
 
What’s new in windows server 2012
What’s new in windows server 2012What’s new in windows server 2012
What’s new in windows server 2012Alex de Jong
 
Centralizing sequence analysis
Centralizing sequence analysisCentralizing sequence analysis
Centralizing sequence analysisDenis C. Bauer
 

Similar to Label based Mandatory Access Control on PostgreSQL (20)

The Security-Enhanced PostgreSQL - "system wide" consistency in access control
The Security-Enhanced PostgreSQL - "system wide" consistency in access controlThe Security-Enhanced PostgreSQL - "system wide" consistency in access control
The Security-Enhanced PostgreSQL - "system wide" consistency in access control
 
LAPP/SELinux - A secure web application stack using SE-PostgreSQL
LAPP/SELinux - A secure web application stack using SE-PostgreSQLLAPP/SELinux - A secure web application stack using SE-PostgreSQL
LAPP/SELinux - A secure web application stack using SE-PostgreSQL
 
SE-PostgreSQL - System wide consistency of access control
SE-PostgreSQL - System wide consistency of access controlSE-PostgreSQL - System wide consistency of access control
SE-PostgreSQL - System wide consistency of access control
 
Getting Memcached Secure
Getting Memcached SecureGetting Memcached Secure
Getting Memcached Secure
 
LAPP/SELinux - A secure web application stack powered by SELinux
LAPP/SELinux - A secure web application stack powered by SELinuxLAPP/SELinux - A secure web application stack powered by SELinux
LAPP/SELinux - A secure web application stack powered by SELinux
 
Cybersecurity exchange briefing oct 2012 v2
Cybersecurity exchange briefing oct 2012 v2Cybersecurity exchange briefing oct 2012 v2
Cybersecurity exchange briefing oct 2012 v2
 
QualysGuard InfoDay 2012 - Secure Digital Vault for Qualys
QualysGuard InfoDay 2012 - Secure Digital Vault for QualysQualysGuard InfoDay 2012 - Secure Digital Vault for Qualys
QualysGuard InfoDay 2012 - Secure Digital Vault for Qualys
 
Windows server 2012 security Webinar
Windows server 2012 security WebinarWindows server 2012 security Webinar
Windows server 2012 security Webinar
 
Fedramp developing-system-security-plan-slides
Fedramp developing-system-security-plan-slidesFedramp developing-system-security-plan-slides
Fedramp developing-system-security-plan-slides
 
SANS Institute Product Review: Oracle Entitlements Server
SANS Institute Product Review: Oracle Entitlements ServerSANS Institute Product Review: Oracle Entitlements Server
SANS Institute Product Review: Oracle Entitlements Server
 
Ved du, hvor dine data er - og hvem, der har adgang til dem? Ron Ben Natan, I...
Ved du, hvor dine data er - og hvem, der har adgang til dem? Ron Ben Natan, I...Ved du, hvor dine data er - og hvem, der har adgang til dem? Ron Ben Natan, I...
Ved du, hvor dine data er - og hvem, der har adgang til dem? Ron Ben Natan, I...
 
Windows Server 2008 Security Overview Short
Windows Server 2008 Security Overview ShortWindows Server 2008 Security Overview Short
Windows Server 2008 Security Overview Short
 
Windows Server 2008 Security Overview Short
Windows Server 2008 Security Overview ShortWindows Server 2008 Security Overview Short
Windows Server 2008 Security Overview Short
 
HTLV - DSS @Vilnius 2010
HTLV - DSS @Vilnius 2010HTLV - DSS @Vilnius 2010
HTLV - DSS @Vilnius 2010
 
Nagios Conference 2012 - Andreas Ericsson - Merlin
Nagios Conference 2012 - Andreas Ericsson - MerlinNagios Conference 2012 - Andreas Ericsson - Merlin
Nagios Conference 2012 - Andreas Ericsson - Merlin
 
Configuration management benefits for everyone - Rudder @ FLOSSUK Spring Conf...
Configuration management benefits for everyone - Rudder @ FLOSSUK Spring Conf...Configuration management benefits for everyone - Rudder @ FLOSSUK Spring Conf...
Configuration management benefits for everyone - Rudder @ FLOSSUK Spring Conf...
 
Rudder - Configuration management benefits for everyone (FOSDEM 2012)
Rudder - Configuration management benefits for everyone (FOSDEM 2012)Rudder - Configuration management benefits for everyone (FOSDEM 2012)
Rudder - Configuration management benefits for everyone (FOSDEM 2012)
 
Datasheet stonegate fw-allinone
Datasheet stonegate fw-allinoneDatasheet stonegate fw-allinone
Datasheet stonegate fw-allinone
 
What’s new in windows server 2012
What’s new in windows server 2012What’s new in windows server 2012
What’s new in windows server 2012
 
Centralizing sequence analysis
Centralizing sequence analysisCentralizing sequence analysis
Centralizing sequence analysis
 

More from Kohei KaiGai

20221116_DBTS_PGStrom_History
20221116_DBTS_PGStrom_History20221116_DBTS_PGStrom_History
20221116_DBTS_PGStrom_HistoryKohei KaiGai
 
20221111_JPUG_CustomScan_API
20221111_JPUG_CustomScan_API20221111_JPUG_CustomScan_API
20221111_JPUG_CustomScan_APIKohei KaiGai
 
20211112_jpugcon_gpu_and_arrow
20211112_jpugcon_gpu_and_arrow20211112_jpugcon_gpu_and_arrow
20211112_jpugcon_gpu_and_arrowKohei KaiGai
 
20210928_pgunconf_hll_count
20210928_pgunconf_hll_count20210928_pgunconf_hll_count
20210928_pgunconf_hll_countKohei KaiGai
 
20210731_OSC_Kyoto_PGStrom3.0
20210731_OSC_Kyoto_PGStrom3.020210731_OSC_Kyoto_PGStrom3.0
20210731_OSC_Kyoto_PGStrom3.0Kohei KaiGai
 
20210511_PGStrom_GpuCache
20210511_PGStrom_GpuCache20210511_PGStrom_GpuCache
20210511_PGStrom_GpuCacheKohei KaiGai
 
20210301_PGconf_Online_GPU_PostGIS_GiST_Index
20210301_PGconf_Online_GPU_PostGIS_GiST_Index20210301_PGconf_Online_GPU_PostGIS_GiST_Index
20210301_PGconf_Online_GPU_PostGIS_GiST_IndexKohei KaiGai
 
20201128_OSC_Fukuoka_Online_GPUPostGIS
20201128_OSC_Fukuoka_Online_GPUPostGIS20201128_OSC_Fukuoka_Online_GPUPostGIS
20201128_OSC_Fukuoka_Online_GPUPostGISKohei KaiGai
 
20201113_PGconf_Japan_GPU_PostGIS
20201113_PGconf_Japan_GPU_PostGIS20201113_PGconf_Japan_GPU_PostGIS
20201113_PGconf_Japan_GPU_PostGISKohei KaiGai
 
20201006_PGconf_Online_Large_Data_Processing
20201006_PGconf_Online_Large_Data_Processing20201006_PGconf_Online_Large_Data_Processing
20201006_PGconf_Online_Large_Data_ProcessingKohei KaiGai
 
20200828_OSCKyoto_Online
20200828_OSCKyoto_Online20200828_OSCKyoto_Online
20200828_OSCKyoto_OnlineKohei KaiGai
 
20200806_PGStrom_PostGIS_GstoreFdw
20200806_PGStrom_PostGIS_GstoreFdw20200806_PGStrom_PostGIS_GstoreFdw
20200806_PGStrom_PostGIS_GstoreFdwKohei KaiGai
 
20200424_Writable_Arrow_Fdw
20200424_Writable_Arrow_Fdw20200424_Writable_Arrow_Fdw
20200424_Writable_Arrow_FdwKohei KaiGai
 
20191211_Apache_Arrow_Meetup_Tokyo
20191211_Apache_Arrow_Meetup_Tokyo20191211_Apache_Arrow_Meetup_Tokyo
20191211_Apache_Arrow_Meetup_TokyoKohei KaiGai
 
20191115-PGconf.Japan
20191115-PGconf.Japan20191115-PGconf.Japan
20191115-PGconf.JapanKohei KaiGai
 
20190926_Try_RHEL8_NVMEoF_Beta
20190926_Try_RHEL8_NVMEoF_Beta20190926_Try_RHEL8_NVMEoF_Beta
20190926_Try_RHEL8_NVMEoF_BetaKohei KaiGai
 
20190925_DBTS_PGStrom
20190925_DBTS_PGStrom20190925_DBTS_PGStrom
20190925_DBTS_PGStromKohei KaiGai
 
20190909_PGconf.ASIA_KaiGai
20190909_PGconf.ASIA_KaiGai20190909_PGconf.ASIA_KaiGai
20190909_PGconf.ASIA_KaiGaiKohei KaiGai
 
20190516_DLC10_PGStrom
20190516_DLC10_PGStrom20190516_DLC10_PGStrom
20190516_DLC10_PGStromKohei KaiGai
 
20190418_PGStrom_on_ArrowFdw
20190418_PGStrom_on_ArrowFdw20190418_PGStrom_on_ArrowFdw
20190418_PGStrom_on_ArrowFdwKohei KaiGai
 

More from Kohei KaiGai (20)

20221116_DBTS_PGStrom_History
20221116_DBTS_PGStrom_History20221116_DBTS_PGStrom_History
20221116_DBTS_PGStrom_History
 
20221111_JPUG_CustomScan_API
20221111_JPUG_CustomScan_API20221111_JPUG_CustomScan_API
20221111_JPUG_CustomScan_API
 
20211112_jpugcon_gpu_and_arrow
20211112_jpugcon_gpu_and_arrow20211112_jpugcon_gpu_and_arrow
20211112_jpugcon_gpu_and_arrow
 
20210928_pgunconf_hll_count
20210928_pgunconf_hll_count20210928_pgunconf_hll_count
20210928_pgunconf_hll_count
 
20210731_OSC_Kyoto_PGStrom3.0
20210731_OSC_Kyoto_PGStrom3.020210731_OSC_Kyoto_PGStrom3.0
20210731_OSC_Kyoto_PGStrom3.0
 
20210511_PGStrom_GpuCache
20210511_PGStrom_GpuCache20210511_PGStrom_GpuCache
20210511_PGStrom_GpuCache
 
20210301_PGconf_Online_GPU_PostGIS_GiST_Index
20210301_PGconf_Online_GPU_PostGIS_GiST_Index20210301_PGconf_Online_GPU_PostGIS_GiST_Index
20210301_PGconf_Online_GPU_PostGIS_GiST_Index
 
20201128_OSC_Fukuoka_Online_GPUPostGIS
20201128_OSC_Fukuoka_Online_GPUPostGIS20201128_OSC_Fukuoka_Online_GPUPostGIS
20201128_OSC_Fukuoka_Online_GPUPostGIS
 
20201113_PGconf_Japan_GPU_PostGIS
20201113_PGconf_Japan_GPU_PostGIS20201113_PGconf_Japan_GPU_PostGIS
20201113_PGconf_Japan_GPU_PostGIS
 
20201006_PGconf_Online_Large_Data_Processing
20201006_PGconf_Online_Large_Data_Processing20201006_PGconf_Online_Large_Data_Processing
20201006_PGconf_Online_Large_Data_Processing
 
20200828_OSCKyoto_Online
20200828_OSCKyoto_Online20200828_OSCKyoto_Online
20200828_OSCKyoto_Online
 
20200806_PGStrom_PostGIS_GstoreFdw
20200806_PGStrom_PostGIS_GstoreFdw20200806_PGStrom_PostGIS_GstoreFdw
20200806_PGStrom_PostGIS_GstoreFdw
 
20200424_Writable_Arrow_Fdw
20200424_Writable_Arrow_Fdw20200424_Writable_Arrow_Fdw
20200424_Writable_Arrow_Fdw
 
20191211_Apache_Arrow_Meetup_Tokyo
20191211_Apache_Arrow_Meetup_Tokyo20191211_Apache_Arrow_Meetup_Tokyo
20191211_Apache_Arrow_Meetup_Tokyo
 
20191115-PGconf.Japan
20191115-PGconf.Japan20191115-PGconf.Japan
20191115-PGconf.Japan
 
20190926_Try_RHEL8_NVMEoF_Beta
20190926_Try_RHEL8_NVMEoF_Beta20190926_Try_RHEL8_NVMEoF_Beta
20190926_Try_RHEL8_NVMEoF_Beta
 
20190925_DBTS_PGStrom
20190925_DBTS_PGStrom20190925_DBTS_PGStrom
20190925_DBTS_PGStrom
 
20190909_PGconf.ASIA_KaiGai
20190909_PGconf.ASIA_KaiGai20190909_PGconf.ASIA_KaiGai
20190909_PGconf.ASIA_KaiGai
 
20190516_DLC10_PGStrom
20190516_DLC10_PGStrom20190516_DLC10_PGStrom
20190516_DLC10_PGStrom
 
20190418_PGStrom_on_ArrowFdw
20190418_PGStrom_on_ArrowFdw20190418_PGStrom_on_ArrowFdw
20190418_PGStrom_on_ArrowFdw
 

Recently uploaded

(Best) ENJOY Call Girls in Faridabad Ex | 8377087607
(Best) ENJOY Call Girls in Faridabad Ex | 8377087607(Best) ENJOY Call Girls in Faridabad Ex | 8377087607
(Best) ENJOY Call Girls in Faridabad Ex | 8377087607dollysharma2066
 
Kenya Coconut Production Presentation by Dr. Lalith Perera
Kenya Coconut Production Presentation by Dr. Lalith PereraKenya Coconut Production Presentation by Dr. Lalith Perera
Kenya Coconut Production Presentation by Dr. Lalith Pereraictsugar
 
8447779800, Low rate Call girls in New Ashok Nagar Delhi NCR
8447779800, Low rate Call girls in New Ashok Nagar Delhi NCR8447779800, Low rate Call girls in New Ashok Nagar Delhi NCR
8447779800, Low rate Call girls in New Ashok Nagar Delhi NCRashishs7044
 
Chapter 9 PPT 4th edition.pdf internal audit
Chapter 9 PPT 4th edition.pdf internal auditChapter 9 PPT 4th edition.pdf internal audit
Chapter 9 PPT 4th edition.pdf internal auditNhtLNguyn9
 
8447779800, Low rate Call girls in Shivaji Enclave Delhi NCR
8447779800, Low rate Call girls in Shivaji Enclave Delhi NCR8447779800, Low rate Call girls in Shivaji Enclave Delhi NCR
8447779800, Low rate Call girls in Shivaji Enclave Delhi NCRashishs7044
 
8447779800, Low rate Call girls in Rohini Delhi NCR
8447779800, Low rate Call girls in Rohini Delhi NCR8447779800, Low rate Call girls in Rohini Delhi NCR
8447779800, Low rate Call girls in Rohini Delhi NCRashishs7044
 
8447779800, Low rate Call girls in Kotla Mubarakpur Delhi NCR
8447779800, Low rate Call girls in Kotla Mubarakpur Delhi NCR8447779800, Low rate Call girls in Kotla Mubarakpur Delhi NCR
8447779800, Low rate Call girls in Kotla Mubarakpur Delhi NCRashishs7044
 
Cybersecurity Awareness Training Presentation v2024.03
Cybersecurity Awareness Training Presentation v2024.03Cybersecurity Awareness Training Presentation v2024.03
Cybersecurity Awareness Training Presentation v2024.03DallasHaselhorst
 
Market Sizes Sample Report - 2024 Edition
Market Sizes Sample Report - 2024 EditionMarket Sizes Sample Report - 2024 Edition
Market Sizes Sample Report - 2024 EditionMintel Group
 
Kenya’s Coconut Value Chain by Gatsby Africa
Kenya’s Coconut Value Chain by Gatsby AfricaKenya’s Coconut Value Chain by Gatsby Africa
Kenya’s Coconut Value Chain by Gatsby Africaictsugar
 
Investment in The Coconut Industry by Nancy Cheruiyot
Investment in The Coconut Industry by Nancy CheruiyotInvestment in The Coconut Industry by Nancy Cheruiyot
Investment in The Coconut Industry by Nancy Cheruiyotictsugar
 
Guide Complete Set of Residential Architectural Drawings PDF
Guide Complete Set of Residential Architectural Drawings PDFGuide Complete Set of Residential Architectural Drawings PDF
Guide Complete Set of Residential Architectural Drawings PDFChandresh Chudasama
 
FULL ENJOY Call girls in Paharganj Delhi | 8377087607
FULL ENJOY Call girls in Paharganj Delhi | 8377087607FULL ENJOY Call girls in Paharganj Delhi | 8377087607
FULL ENJOY Call girls in Paharganj Delhi | 8377087607dollysharma2066
 
Innovation Conference 5th March 2024.pdf
Innovation Conference 5th March 2024.pdfInnovation Conference 5th March 2024.pdf
Innovation Conference 5th March 2024.pdfrichard876048
 
8447779800, Low rate Call girls in Saket Delhi NCR
8447779800, Low rate Call girls in Saket Delhi NCR8447779800, Low rate Call girls in Saket Delhi NCR
8447779800, Low rate Call girls in Saket Delhi NCRashishs7044
 
PSCC - Capability Statement Presentation
PSCC - Capability Statement PresentationPSCC - Capability Statement Presentation
PSCC - Capability Statement PresentationAnamaria Contreras
 
Digital Transformation in the PLM domain - distrib.pdf
Digital Transformation in the PLM domain - distrib.pdfDigital Transformation in the PLM domain - distrib.pdf
Digital Transformation in the PLM domain - distrib.pdfJos Voskuil
 
Traction part 2 - EOS Model JAX Bridges.
Traction part 2 - EOS Model JAX Bridges.Traction part 2 - EOS Model JAX Bridges.
Traction part 2 - EOS Model JAX Bridges.Anamaria Contreras
 

Recently uploaded (20)

Corporate Profile 47Billion Information Technology
Corporate Profile 47Billion Information TechnologyCorporate Profile 47Billion Information Technology
Corporate Profile 47Billion Information Technology
 
(Best) ENJOY Call Girls in Faridabad Ex | 8377087607
(Best) ENJOY Call Girls in Faridabad Ex | 8377087607(Best) ENJOY Call Girls in Faridabad Ex | 8377087607
(Best) ENJOY Call Girls in Faridabad Ex | 8377087607
 
Kenya Coconut Production Presentation by Dr. Lalith Perera
Kenya Coconut Production Presentation by Dr. Lalith PereraKenya Coconut Production Presentation by Dr. Lalith Perera
Kenya Coconut Production Presentation by Dr. Lalith Perera
 
8447779800, Low rate Call girls in New Ashok Nagar Delhi NCR
8447779800, Low rate Call girls in New Ashok Nagar Delhi NCR8447779800, Low rate Call girls in New Ashok Nagar Delhi NCR
8447779800, Low rate Call girls in New Ashok Nagar Delhi NCR
 
Chapter 9 PPT 4th edition.pdf internal audit
Chapter 9 PPT 4th edition.pdf internal auditChapter 9 PPT 4th edition.pdf internal audit
Chapter 9 PPT 4th edition.pdf internal audit
 
8447779800, Low rate Call girls in Shivaji Enclave Delhi NCR
8447779800, Low rate Call girls in Shivaji Enclave Delhi NCR8447779800, Low rate Call girls in Shivaji Enclave Delhi NCR
8447779800, Low rate Call girls in Shivaji Enclave Delhi NCR
 
8447779800, Low rate Call girls in Rohini Delhi NCR
8447779800, Low rate Call girls in Rohini Delhi NCR8447779800, Low rate Call girls in Rohini Delhi NCR
8447779800, Low rate Call girls in Rohini Delhi NCR
 
8447779800, Low rate Call girls in Kotla Mubarakpur Delhi NCR
8447779800, Low rate Call girls in Kotla Mubarakpur Delhi NCR8447779800, Low rate Call girls in Kotla Mubarakpur Delhi NCR
8447779800, Low rate Call girls in Kotla Mubarakpur Delhi NCR
 
Cybersecurity Awareness Training Presentation v2024.03
Cybersecurity Awareness Training Presentation v2024.03Cybersecurity Awareness Training Presentation v2024.03
Cybersecurity Awareness Training Presentation v2024.03
 
Market Sizes Sample Report - 2024 Edition
Market Sizes Sample Report - 2024 EditionMarket Sizes Sample Report - 2024 Edition
Market Sizes Sample Report - 2024 Edition
 
Kenya’s Coconut Value Chain by Gatsby Africa
Kenya’s Coconut Value Chain by Gatsby AfricaKenya’s Coconut Value Chain by Gatsby Africa
Kenya’s Coconut Value Chain by Gatsby Africa
 
Investment in The Coconut Industry by Nancy Cheruiyot
Investment in The Coconut Industry by Nancy CheruiyotInvestment in The Coconut Industry by Nancy Cheruiyot
Investment in The Coconut Industry by Nancy Cheruiyot
 
Guide Complete Set of Residential Architectural Drawings PDF
Guide Complete Set of Residential Architectural Drawings PDFGuide Complete Set of Residential Architectural Drawings PDF
Guide Complete Set of Residential Architectural Drawings PDF
 
FULL ENJOY Call girls in Paharganj Delhi | 8377087607
FULL ENJOY Call girls in Paharganj Delhi | 8377087607FULL ENJOY Call girls in Paharganj Delhi | 8377087607
FULL ENJOY Call girls in Paharganj Delhi | 8377087607
 
Innovation Conference 5th March 2024.pdf
Innovation Conference 5th March 2024.pdfInnovation Conference 5th March 2024.pdf
Innovation Conference 5th March 2024.pdf
 
8447779800, Low rate Call girls in Saket Delhi NCR
8447779800, Low rate Call girls in Saket Delhi NCR8447779800, Low rate Call girls in Saket Delhi NCR
8447779800, Low rate Call girls in Saket Delhi NCR
 
PSCC - Capability Statement Presentation
PSCC - Capability Statement PresentationPSCC - Capability Statement Presentation
PSCC - Capability Statement Presentation
 
Digital Transformation in the PLM domain - distrib.pdf
Digital Transformation in the PLM domain - distrib.pdfDigital Transformation in the PLM domain - distrib.pdf
Digital Transformation in the PLM domain - distrib.pdf
 
Traction part 2 - EOS Model JAX Bridges.
Traction part 2 - EOS Model JAX Bridges.Traction part 2 - EOS Model JAX Bridges.
Traction part 2 - EOS Model JAX Bridges.
 
Enjoy ➥8448380779▻ Call Girls In Sector 18 Noida Escorts Delhi NCR
Enjoy ➥8448380779▻ Call Girls In Sector 18 Noida Escorts Delhi NCREnjoy ➥8448380779▻ Call Girls In Sector 18 Noida Escorts Delhi NCR
Enjoy ➥8448380779▻ Call Girls In Sector 18 Noida Escorts Delhi NCR
 

Label based Mandatory Access Control on PostgreSQL

  • 1. Label based Mandatory Access Control on PostgreSQL NEC Europe Ltd, SAP Global Competence Center KaiGai Kohei <kohei.kaigai@eu.nec.com>
  • 2. SE-PostgreSQL got merged in v9.1 NEW! NEW! contrib/sepgsql contrib/sepgsql Page 2 PGcon2011 - Label Based Mandatory Access Control on PostgreSQL
  • 3. History of development ▐ Sep-2006 Launch development of SE-PostgreSQL based on v8.2.x ▐ Apr-2007 First post to pgsql-hackers, after 2 weeks of feature freeze ▐ Mar-2007 SELinux Symposium 2007 ▐ Nov-2007 METI Japan gave an award due to SE-PostgreSQL ▐ May-2008 PGcon2008 – SE-PostgreSQL ▐ Jul-2008 Development Cycle for v8.4 Too large to review ▐ Jul-2009 Development Cycle for v9.0 Steps to consensus up to the current design ▐ May-2010 PostgreSQL Developer Summit ▐ Sep-2010 SECURITY LABEL statement got merged ▐ Jan-2011 contrib/sepgsql got merged ▐ May-2011 PGcon2011 – Label based MAC on PostgreSQL ▐ Jun-2011 1st Commit Fest of v9.2 development cycle Page 3 PGcon2011 - Label Based Mandatory Access Control on PostgreSQL
  • 4. Today’s Agenda ▐ Overview of label based MAC ▐ New features in v9.1 ▐ Our challenges to v9.2 Page 4 PGcon2011 - Label Based Mandatory Access Control on PostgreSQL
  • 5. Characteristics of MAC DAC (discretionary access control) : Owner decide access control rules read determine access read? control rules rwx rwx create rwx rwx Data Data MAC (mandatory access control) : A centralized security policy decides access control rules read read? confidential confidential confidential create confidential Data Data security security policy server determine access control rules Page 5 PGcon2011 - Label Based Mandatory Access Control on PostgreSQL
  • 6. Data Flow Control confidential unconfidential file with file with read write read write file with file with conffidential conffidential unconfidential unconfidential access control ▐ Keep confidential data in confidential domain No Read-Up No Write-Down (Only same level) Restriction to malicious internals ▐ Background TCSEC (Orange book; 1983) ISO/IEC15408 (CC: Common Criteria) Page 6 PGcon2011 - Label Based Mandatory Access Control on PostgreSQL
  • 7. Reference Monitor Concept Reference Query & Monitor Decision making Data Object Request Access Allowed Control User Denied Error Information Information Asset Asset Object Manager ▐ A module that suggests its access control decision ▐ Three characteristics Always invoked Tamperproof Small enough ▐ SELinux performs as reference monitor in Linux kernel Page 7 PGcon2011 - Label Based Mandatory Access Control on PostgreSQL
  • 8. Analogy in Linux and PostgreSQL system Filesystem LSM call permission Filesystem Security Security DAC MAC Server Policy SELinux SQL Database sepgsql ACL PostgreSQL SELinux SE-PostgreSQL Object manager Filesystem PostgreSQL Objects being referenced file, directory, device file, ... Schema, Table, Function, ... Way to request accesses System call SQL DAC Filesystem permission Database ACL MAC LSM & SELinux sepgsql & SELinux Page 8 PGcon2011 - Label Based Mandatory Access Control on PostgreSQL
  • 9. Decision making of SELinux (1/2) ▐ Access control logic like a function •• Filesystem Permission Filesystem Permission •• Database ACL Database ACL •• SELinux SELinux •• others…? others…? Subject Allowed Access Control Object Logic Denied Action Decision Decision Input Output read, write, read, write, select, … select, … •• Owner ID Owner ID •• Permission Bits Permission Bits •• User/Group ID User/Group ID •• ACL ACL •• Superuser Priv Superuser Priv •• Security Label Security Label •• Security Label Security Label Page 9 PGcon2011 - Label Based Mandatory Access Control on PostgreSQL
  • 10. Decision making of SELinux (2/2) ▐ The way to identify Subject/Object Path name? Owner ID? Security Label ▐ Security Label as a universal way for identification Example) system_u:system_r:postgresql_t:s0 system_u:object_r:sepgsql_ro_table_t:s0 ▐ Example of security policy allow staff_t sepgsql_ro_table_t : db_table { select }; 3rd item of the label being referenced 3rd item of the label being referencing Permission set being allowed SELinux uses white-list criteria. SELinux community provides general set of rules in default. Page 10 PGcon2011 - Label Based Mandatory Access Control on PostgreSQL
  • 11. OT: source code of the default security policy Part of the “policy/modules/services/postgresql.te” at the default security policy policy_module(postgresql, 1.12.1) : type sepgsql_schema_t; postgresql_schema_object(sepgsql_schema_t) : type sepgsql_table_t; postgresql_table_object(sepgsql_table_t) : allow sepgsql_admin_type sepgsql_schema_type: db_schema { create drop getattr setattr relabelfrom relabelto search add_name remove_name }; allow sepgsql_client_type sepgsql_schema_t:db_schema { getattr search }; : allow sepgsql_admin_type sepgsql_table_type: db_table { create drop getattr setattr relabelfrom relabelto lock }; allow sepgsql_admin_type sepgsql_table_type: db_column { create drop getattr setattr relabelfrom relabelto }; : allow sepgsql_client_type sepgsql_table_t:db_table { getattr select update insert delete lock }; allow sepgsql_client_type sepgsql_table_t:db_column { getattr use select update insert }; Page 11 PGcon2011 - Label Based Mandatory Access Control on PostgreSQL
  • 12. System-wide consistency in Access control Human user a centralized security server Human user Security Policy SELinux Login Access control Login bash bash vi Filesystem vi Networks psql psql classified unclassified information information X-window PostgreSQL domain of inter process domain of classified processes communication channels unclassified processes Page 12 PGcon2011 - Label Based Mandatory Access Control on PostgreSQL
  • 13. Today’s Agenda ▐ Overview of label based MAC ▐ New features in v9.1 ▐ Our challenges to v9.2 Page 13 PGcon2011 - Label Based Mandatory Access Control on PostgreSQL
  • 14. Features needed to support Label based MAC ▐ Security Label mechanism to associate a short text with a particular database object something like xattr in filesystem cases ▐ Security Hook mechanism to acquire control on strategic points of the code something like LSM in Linux kernel cases ▐ Intermediation with SELinux mechanism to deliver a pair of security labels into SELinux in kernel, and prevents violated accesses according to its decision Page 14 PGcon2011 - Label Based Mandatory Access Control on PostgreSQL
  • 15. v9.1 New Features (1/3) – SECURITY LABEL SECURITY LABEL ON TABLE my_example FOR ‘selinux’ IS ‘system_u:object_r:sepgsql_ro_table_t:s0’; pg_seclabel system catalog classid objid subid provider label 2345 16384 0 ‘selinux’ ‘system_u:object_r:sepgsql_ro_table_t:s0’ Security Label Provider validation validation (module) check check ▐ Overview It enables to assign a text identifier of database objects. It allows security modules to reference security label of a particular object. ▐ Limitations Shared database objects are not supported, right now. Tuples in user-defined tables are not supported, right now. Page 15 PGcon2011 - Label Based Mandatory Access Control on PostgreSQL
  • 16. OT: Labeled Networking staff_u:staff_r:staff_t:s0 getpeercon(3) getpeercon(3) SE-PgSQL IKE IKE Daemon Daemon user process Labeled IPsec connection PostgreSQL Authentication Hook ▐ Labeled Networking SELinux provides getpeercon(3) to get security label of the peer process. Kernel & IKE daemon were enhanced to exchange security labels. • supported on kernel-2.6.18 or later, ipsec-tools 0.72 or later ▐ Usecase in SE-PostgreSQL It obtains security label of the peer process on the authentication hook. Peer security label is applied to subject’s label on access control decision. Page 16 PGcon2011 - Label Based Mandatory Access Control on PostgreSQL
  • 17. v9.1 New Features (2/3) – Object Access Hooks DefineRelation() { 3rd Party modules : CREATE TABLE heap_create_with_catalog() sepgsql.so sepgsql.so sepgsql.so : •• compute a default to check permission to (*object_access_hook) • check permission securitya new table create label, and (OAT_POST_CREATE, ...); assign it a new table of create on the new •• assign security label of : table. security label assign the new table } the new table ▐ Overview It enables 3rd party modules to acquire control on strategic points of the code. E.g) Just after creation of the object for default labeling. The object_access_hook informs event type and object identifiers. ▐ Limitations Only OAT_POST_CREATE event type is supported, right now. May need OAT_CREATE, OAT_ALTER, ... Only object identifiers are informed via this hook, right now. Page 17 PGcon2011 - Label Based Mandatory Access Control on PostgreSQL
  • 18. v9.1 New Features (3/3) – contrib/sepgsql Client auth hook • Event Type • Object IDs Subject security label Query Hook invocation Required access policy Object security label Answer pg_seclabel contrib/sepgsql SELinux ▐ Overview It performs as intermediation between PostgreSQL and SELinux • PostgreSQL ... user Id, object Id, • SELinux ... security label, object class and permission ▐ Limitations only DML permissions are checked, right now default security labels on schemas, tables, columns and procedures Page 18 PGcon2011 - Label Based Mandatory Access Control on PostgreSQL
  • 19. Today’s Agenda ▐ Overview of label based MAC ▐ New features in v9.1 ▐ Our challenges to v9.2 Page 19 PGcon2011 - Label Based Mandatory Access Control on PostgreSQL
  • 20. Limitation in v9.1, and Challenges to v9.2 ▐ Frequent system-call invocations Add access control decision cache ▐ No security label on shared obejct Add pg_shseclabel catalog, and extend SECURITY LABEL ▐ No DDL Permission checks Extend object_access_hook to take arguments Put object_access_hook around existing DDL checks ▐ Row-level access control Fix leaky VIEWs problem Extend security label on user-defined tables Page 20 PGcon2011 - Label Based Mandatory Access Control on PostgreSQL
  • 21. v9.2 challenges (1/3) – Userspace access vector cache PostgreSQL contrib/sepgsql.so read-only mmap(2) read-only mmap(2) Status Page userspace # of loaded access vector invoke cache security (uavc) policy hooks access control SELinux logic (Linux kernel) ▐ Overview uavc keeps access control decision recently used; that allows to reduce number of system call invocations. ▐ Challenges Cache invalidation on security policy reloaded on kernel-side Linux 2.6.38 already support selinux status page. Page 21 PGcon2011 - Label Based Mandatory Access Control on PostgreSQL
  • 22. v9.2 challenges (2/3) – DDL Permissions postgres=# ALTER TABLE drink OWNER TO ymj; LOG: SELinux: denied { setattr } ¥ scontext=unconfined_u:unconfined_r:unconfined_t:s0 ¥ tcontext=system_u:object_r:sepgsql_table_t:s0:c0 ¥ tclass=db_table name=drink ERROR: SELinux: security policy violation ▐ Overview It allows to check permissions on DDL commands also. ▐ Challenges Larger number of strategic points than DML support object_access_hook with additional arguments Page 22 PGcon2011 - Label Based Mandatory Access Control on PostgreSQL
  • 23. v9.2 challenges (3/3) – Row-level security postgres=# SELECT security_label, * FROM drink; security_label | id | name | price -----------------------------------------+----+-------+------- system_u:object_r:sepgsql_table_t:s0 | 1 | coke | 150 system_u:object_r:sepgsql_table_t:s0 | 2 | fanta | 130 system_u:object_r:sepgsql_table_t:s0:c0 | 3 | beer | 200 system_u:object_r:sepgsql_table_t:s0:c1 | 4 | sake | 240 system_u:object_r:sepgsql_table_t:s0:c2 | 5 | juice | 180 (5 rows) ▐ Overview Filter out rows based on security policy and labels of individual tuples ▐ Challenges Fix the problem known as Leaky-VIEWs Security label support for user-defined tables Query rewriter to append security-policy function Interaction with system catalog Page 23 PGcon2011 - Label Based Mandatory Access Control on PostgreSQL
  • 24. Future Vision (1/2) – Role based access control Only DDL, Only DDL, DML not allowed DML not allowed SQL with SQL with confined privileges Database confined privileges Administrator Execute Execute internet Backup SE-PostgreSQL System Log pg_dump/pg_restore Administrator customer Log File Page 24 PGcon2011 - Label Based Mandatory Access Control on PostgreSQL
  • 25. Future Vision (2/2) – Secure multi-tenancy Filesystem Shared Database Resource Filesystem Filesystem Filesystem Database Database Database http://www.blue.com/ http://www.red.com/ http://www.green.com/ blue red green SELinux performs as a logical-wall between security domains. Page 25 PGcon2011 - Label Based Mandatory Access Control on PostgreSQL
  • 26. Summary ▐ Overview of MAC Data flow control and Reference monitor concept SE-PostgreSQL enables to deploy RDBMS within DFC scheme. ▐ Features in v9.1 SECURITY LABEL Object access hooks contrib/sepgsql ▐ Challenges to v9.2 Userspace access vector cache DDL Permissions Row-level access control Page 26 PGcon2011 - Label Based Mandatory Access Control on PostgreSQL