Skip to content
minapoli edited this page Apr 12, 2016 · 8 revisions

##Project Overview

The Certifiable Linux Integration Platform (CLIP) project provides a security hardened operating system platform to host secure applications. CLIP defines a specific configuration of Security Enhanced Linux (SELinux) designed to provide the foundation for hosting secure applications. This configuration consist of a separation of roles, mandatory access control (MAC), discretionary access control (DAC), and data separation. With this foundation in place, the hosted application need only concern itself with the specific security details of its task and not necessarily those associated with these overhead functions. By using CLIP, implementers can provide evidence of compliance with the following established operating system security requirements and guidelines:

  • National Institute of Standards and Technology (NIST) Special Publication 800-53 revision 4
  • Defense Information System Agency (DISA) Information Assurance Support Environment (IASE) Security Technical Implementation Guides (STIG) (RHEL 7 Draft for latest release)

Additionally, the use of CLIP may provide implementers with the ability to provide evidence of compliance with the following:

  • Director of Central Intelligence Directive 6/3 “Protecting Sensitive Compartmented Information within Information Systems” (DCID 6/3) Protection Level 4 (PL4)
  • National Security Systems (NSS) Instruction 1253 “Security Controls Catalog for National Security Systems” High Impact requirements
  • Department of Defense (DoD) Instruction Number 8500.2 “Information Assurance (IA) Implementation” MAC I Classified requirements

The requirements identify the following three areas: Confidentiality, Integrity, and Accountability. CLIP is designed to support these areas in the following manner.

  • Confidentiality: SELinux policy is used in CLIP to guarantee that only those entities with sufficient access approval may process sensitive data. The extensible nature of SELinux policy enables a developer to manage sensitive data, and create a security policy that exposes this data on a need-to-know basis. An example of a secure application which would benefit using CLIP is a Cross Domain Solutions, which needs to have fine-grained control over the disclosure of information, most of which could be managed by proper configuration of SELinux policy.
  • Integrity: A secure system must protect against unauthorized modification of data. Data integrity need not be limited to system security relevant information, but all information contained on the system. The mandatory access controls provided by SELinux ensures the integrity of the data.
  • Accountability: In any type of secure system, it is essential to maintain accountability for security relevant events. CLIP uses system call auditing, combined with the auditing and user authentication capabilities of SELinux, to provide administrators with detailed information about all security relevant changes to a system's state.

CLIP currently consists of the following four instances:

  • The initial release configured a SELinux installation on a RHEL 4 system to support developers in meeting the Director of Central Intelligence Directive 6/3 “Protecting Sensitive Compartmented Information within Information Systems” (DCID 6/3) Protection Level 4 (PL4) requirements.
  • The second release targeted RHEL 5 and supports developers in meeting both the DCID 6/3 PL4 and the National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53 “Recommended Security Controls for Federal Information Systems” High Impact requirements.
  • The third release targeted RHEL 6 and supported developers in meeting National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53 revision 4 and Defense Information System Agency (DISA) Information Assurance Support Environment (IASE) Security Technical Implementation Guides (STIG) RHEL 6
  • The fourth release targeted RHEL 7 and supported developers in meeting National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53 revision 4 and Defense Information System Agency (DISA) Information Assurance Support Environment (IASE) Security Technical Implementation Guides (STIG) RHEL 7 Draft

##Project Goals

The goals for the CLIP Project are to provide the following items:

  1. A mapping between security requirements and operating system functions.
  2. A configuration of an operating system which satisfies the security target as defined by the security requirements.
  3. An enumeration of the evidence to support the claims that the configuration meets the security requirements.