Medusa DS9 Security System


Medusa DS9
[Medusa]
Resources

History and Concepts - the first thing you should read

Progress and plans - the actual state of project

README file from the current stable release

Change log of the latest stable release

Download area (or FTP link)

CVS repository

Mailing list archive - it's low traffic and all users are strongly suggested to subscribe

GPG key to verify your downloads.

E-mail to the authors

Links

RSBAC

SELinux

Trusted BSD

LIDS

MAC

VXE

Openwall Project


 

What we have already done

  • Stable Medusa DS9 for Linux 2.2.x is out for a fairly long time. Known object types are syscalls, files, processes and IPC objects.
  • Stable Constable for Linux 2.2.x and 2.4.x is working.
  • VS monitor for 2.4.x kernels is now in alpha stage.

What we are working on now

  • debugging the VS monitor for Linux 2.4.x kernels,
  • working on new Medusa (this is what took us the last year):
    • implementing the completely redesigned VS monitor for Linux and Free/NetBSD in i386, sparc and mips versions (with portability to other software and hardware platforms in mind). New VS monitor is more object-oriented and will enable some new modes of authentication.
    • finalizing the implementation of new Constable, which is independent of OS version and configuration, and have many other important changes. It enables to combine various security models automatically, it has a better configuration language with new expression evaluation and many other improvements.

Plans and future goals

  • We need a documentation, especially on new architecture and Constable
  • build a secure network authentication module, based on new VS monitor - this will enable to monitor the nework from the single node.
  • port the VS monitor to various hardware platforms and operating systems (*BSD and Solaris in first step, non-unix systems in the second step)
  • and as a long-term project, try to improve the VS model

The last but not the least..

        Medusa DS9 is a free, open project. We'd like to hear your opinions and we will invite your contributions. Be it the documentation, software, configuration scripts, various security models suitable for use with Medusa, hardware platforms for ports. Our thanks go to anyone who helped with the project, but especially:

  • Sun Microsystems Slovakia for donating the SPARCstation 5 and software for development
  • Tony Kocurko for the english documentation
  • W. Mark Hagler for the access to a Sparc machine for porting (which was hardly accessible, but we have some files to start from:)
  • Branislav Steinmuller for his suggestions and support
  • Robert Dobozy, Jan Varga, Robert Varga for their helpful comments and testing

        We appreciate your continued patience, and assure you it will be worth the wait.


This page is designed for lynx.
Hosted by terminus.
Core design (c) 1999 Www, graphics art (c) 2000 salo.