The protection mechanisms of current mainstream operating systems are inadequate to support confidentiality and integrity requirements for end systems. To address this problem, the National Security Agency (NSA) worked with Secure Computing Corporation (SCC) to develop a strong, flexible mandatory access control architecture based on Type Enforcement. The architecture, now called Flask, was prototyped in the Mach and Fluke research operating systems. The NSA is now integrating the Flask architecture into the Linux operating system to transfer the technology to a larger developer and user community. NAI Labs, SCC, and MITRE are assisting the NSA in this integration. This paper presents the design and implementation for integrating the security mechanisms of the Flask architecture into the Linux kernel.

About NSA Employment Opportunities INFOSEC History Releases

National Cryptologic Museum Mathematics & Education Tech Transfer