Microsoft IPE, new security code for Linux

Microsoft has released more details about a new program that the company is working on for the Linux kernel.

The new project is called Integrity Enforcement or simply IPE from the enforcement of political integrity. The project is essentially a Linux security module (LSM from the Linux security module). LSMs are optional plugins for the Linux kernel that enable additional security features.

Microsoft

Σύμφωνα με τη σελίδα τεκμηρίωσης που δημοσιεύθηκε τη Δευτέρα, το IPE είναι η προσπάθεια της Microsoft να επιλύσει το πρόβλημα ακεραιότητας του for Linux, an operating system the company uses widely in its Azure cloud service.

On Linux systems where IPE is enabled, administrators will be able to create a list of binaries that will allow them to run and add authentication features. So the kernel will check each binary before allowing it to be executed. If the binaries have been modified by an attacker, the IPE will be able to prevent malicious code from being executed.

Microsoft states that the IPE is not intended for home computers. IPE LSM is designed for very specific use cases where security is paramount and administrators must have complete control over what is running on their systems.

Microsoft today released the specifications for the new IPE module. IPE is currently in place in RFC mode (διαθέσιμο για σχόλια από το for comments), and it looks like it will be time before it is sent to add to the Linux kernel.

The Linux kernel already includes an LSM for code integrity, called the Integrity Measurement Architecture (or simply IMA). Microsoft has stated that IPE differs from IMA because it "doesn't depend on file system metadata" and because IPE features "have defining properties that exist exclusively in the kernel," meaning that IPE does not need to code as needed by IMA, IMA signatures.

iGuRu.gr The Best Technology Site in Greecefgns

every publication, directly to your inbox

Join the 2.100 registrants.

Written by giorgos

George still wonders what he's doing here ...

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).