Monday, September 02, 2013

Red Hat White Paper




Red Hat Enterprise Linux appeals to people who prefer a cost effective, safe, and stable operating system.  The main appeal that is Linux is designed for an open source (freely available) vs. a closed source (proprietary software) operating system. However, all operating systems are in danger of being hacked. Even so, in 2004, Microsoft security flaws were at a 38% critical status while 10% of Red Hat security flaws were critical status.  
The main theme of this paper is that the Linux design ensures security better than Windows.
The benefits of Red Hat Enterprise Linux include:
·         Red Hat Enterprise Linux provides 95% to 140% advantage over Windows for performance of real-world enterprise workloads.
   Red Hat Enterprise Linux supports 4096 processors while Windows Server 2012 supports only 64 processors.
   Red Hat supports more RAM than Windows
   Linux can run in server farms.
·         Red Hat includes mandatory access control with SELinux and sVirt which means that it has an extra layer of security originally in UNIX .
·         Red Hat Enterprise Linux virtualization can perform as well or better than bare metal (Cloud Infrastructure firmware).
·      The Kernel Virtual Machine permits Linux to be a Type 1 bare metal hypervisor from the kernel which creates stability and security inside the virtual machine.
·         The sVirt integrates with a virtualization management abstraction layer called libvirt to deliver a MAC-like agenda for virtual machines. This architecture permits all virtualization platforms preserved by libvirt and all MAC employments maintained by sVirt to operate together.
The recommendations for Red Hat Enterprise Linux are as follows:
·         I recommend Scientific Linux which is a free Red Hat Enterprise Linux clone download that has NTFS-3g for Windows NTFS drivers and RPM Fusion. It can be used like a RHEL web server, because it is a clone after all.
·         VMware, vSphere, or KVM are recommended for Red Hat Enterprise Linux, because both are enterprise –grade virtual machines. I strongly recommend KVM virtualization, because it is much more efficient with time and allows the user to perform tasks faster rate with 4096 processors.  The time management improvement when the operating system in the VM is hacked and has SELinux and sVirt integration, you can delete the VM right away and you can use the backup copy immediately. 

 




Cyber threats
    One type of terrorism is cyber warfare attack which endangers America's financial and national security.  One example of a serious cyber threat is China or Russia hacking into our power grid and leaving a logic bomb causing a situation similar to the Northeast Blackout of 2003. The Northeast Blackout of 2003 was caused by UNIX kernel panic which caused the affected operating system to crash. A logic bomb is a malicious code that waits for a sequence of events which causes the kernel panic.  It's evident that cyber warfare is an effective power tool for any government to use against an ally or enemy that threaten communications systems and/or a deactivates national infrastructure. (Schneier , B., 2013)
Better security
     The commercial infrastructure frequently undervalues the occurrence and possibility of breaches, with numerous groups reluctant to depict the amount of the data loss. Executives are always on the lookout for breaches. Cyber attacks pose a substantial menace to cherished commercial data as well as legal and promotional problems that can touch customer assurance and maintenance. Security at all levels is compulsory, from developers reducing the possibility for danger in their submissions, to system administrators logging, monitoring access, and limiting and keeping systems current. Like Windows, Linux has security like access control lists, ciphertext, Kerberos, MD5 encryption , SHA2 hash algorithm, root password and privileged ports. Red Hat Enterprise Linux delivers satisfactory application support so that deployment security is consistent, reliable, and feasible. Today, IT establishments use a variety of approaches to secure enterprise infrastructure, such as isolating environments with deploying firewalls, virtualization, performance deep packet inspection and executing untested code called  sandboxing. (Redhat, 2013)
Privileges
      Linux security is more ideal, because users don’t have the same “root” privileges as Windows. Windows users can choose to have an administrator account, but with Linux users, only administrators can have root privileges (superuser). Most Linux users do not have access to the root account meaning that they cannot do damage to their Linux.  (Noyes, K., 2010)
Social engineering
     Social engineering, such as viruses and worms, is a method that cyber attackers use to entrap the user to do damage to their system unknowingly. The malicious code can be easily spread when users open attachments that carry worms and viruses.  Windows is more prone to social engineering than Linux, because malicious codes cannot be executed on Linux since the root account is locked out to all users, except for administrators. The advantage here is that only administrators have the root access, thus preventing damage to a Linux system.    (Noyes, K., 2010)
Monoculture effect
     Windows has a monoculture effect meaning both viruses and Windows users have the same technology.  Microsoft Windows dominates most of the email such as Outlook and Outlook Express.  Conversely, Linux has a generic diversity which minimizes effect of viruses, worms, and Trojan horses. (Noyes, K., 2010)
Audience size
     Most viruses target Windows by virtue of its large audience.  The fact that millions of people are using Windows makes it an attractive target for attacks.  (Noyes, K., 2010)



Windows in Organizations
        Windows 7, 8 and Windows Server 2012 are the chosen operating system of many organizations.  It is dangerous to have a ten year old Windows XP, because its vunerable to hacking. Even with Windows emulation with Crossover Linux (wine front-end) compatibility, organizations are reluctant to make a switch to Red Hat Enterprise Linux clones, because Linux isn't marketed to business. Security takes a back seat to application compatibility in the Cyber Cold War era. (Noyes, K., 2010)
Linus Benedict Torvalds Law
     Linus law says, “Given enough eyeballs, all bugs are shallow”. (Noyes, K., 2010)  Consequently, Windows users only have a limited set of paid developers (less eyeballs) who work to find problems in code. Only after a solution is found, does it get publicized.  Linux would have countless users viewing the code at any time, making it more likely that someone would identify a flaw, and fix it immediately for everybody's usage.  (Noyes, K., 2010)
                                                          Virtual Machines
       Applying virtual machines to Linux enhances security and ensures process availability.  There are three key features of a virtual machine. First, each virtual machine is isolated from each other. If there is a kernel panic on one virtual machine, other virtual machines are not affected. Second, the hypervisor is situated in-between the server hardware and the software stack.  This means legacy applications are using the latest hardware technology even though the operating system doesn’t support the necessary drivers in the virtual machine.  (Archive.org, 2013)



Kernel Virtual Machine
       The above chart shows how Red Hat Enterprise Virtualization is based off KVM.  First, KVMs were designed from some hardware assisted virtualization.  KVM was designed into an optimized hypervisor solution of baggage. The KVM in Linux can use the entire hardware vendor ecosystem.  KVM can store VM images into every storage supported by Linux such as SATA, SCSI, network attached storage and SAMBA or SAN or iSCSI.  It has a virtualization manager that has advanced capabilities for guests and hosts like high availability migration, and system scheduler. Also, there is a reporting engine that has a documented database schema and sample reports so that Red Hat Virtualization Manager can extract information.  Red Hat can prioritize high availability of critical virtual machines so that ranking can take place so mission critical applications may be a priority on remaining hardware whilst other virtual machines are reduced at the same time. Red Hat virtualization manager can track live migration for movement of running virtual machines from one host to the next host without a performance hit. Red Hat Virtualization manager has a search driven interface that can tag for searching virtual machines for host characteristics. (archive.org, 2013)



VMware
      The above charts show that VMWare vSphere can improve the deployment of infrastructures.  The  vCenter has fast provisioning by replication of virtual machines. vCenter has load-balancing,  live migration of virtual machines,  high availability for virtual machines,  and has an automated patch management for hypervisor.  The purpose of vCenter is to use a VMware vSphere farm which has more services in less physical servers. Both virtual machines play the identical set of events.  The virtual machines check each other’s heart beat and take over if VMs miss heart beats. vSphere has its individual virtual switch, because administrators tend to prefer physical networks. At a datacenter level, disputed switches span numerous vSpheres hosts and aggregate networking. The switch abstraction configuration of individual virtual switches and enables centralized administration. There is a VMware Site Recovery Manager to restart virtualized ICT infrastructure in a backup center when a main datacenter fails.  The Site Recovery Manager is rapid, reliable, affordable, and manageable. VMware is 64% of the market while Microsoft virtualization is 27% as seen in the chart below.  (archive.org, 2013)
Traditional x86 security approaches
       The hardware layer is set to different devices and computes resources.  The OS layer would need control of the hardware operation. The OS layer is responsible for prioritizing the hardware resources and sharing them among the different tasks.  The services layer would use the OS as an interface to access required hardware resources.  The hypervisor will allow underutilized servers to become utilized servers by producing independence amid hardware and software layers. The application has the ability to run in numerous dissimilar development and test systems. The protection is where the administrator has a low-cost storage area network.   Deployment is where virtualization reduces administrative effort and increases deployment speed.  (archive.org, 2013)
Six layers of VES
      There are six features that VES or server consolidation uses to host aging applications or operating systems on modern hardware, for application isolation and security.  The six layers of VES are virtual access software, virtual application environment software, virtual processing software, virtual storage software, server provisioning, and management software and security software. Virtual access software will allow applications to be accessed from almost any intelligent access point device over any network without applications ever having to be architected for supporting that device or network.  There is virtual user interface software or various types of portal software.  Second, virtual application environment software creates an application and deployment environment which would develop applications so they are more reliable and robust and unaware of the underlying hardware or operating environment.  Third, virtual processing software appears on main systems such as operating environment, single-system image clustering software making many systems appear to be a single computing resource running a single operating environment.  This would include load balance software, data and application availability software, single system image clustering, and parallel processing software.  Fourth, virtual storage software tolerates applications unaware of how and where application and data are stored including storage replication and file systems.  The software supports network attached storage and storage area networks. Fifth, the security provisioning and management software allows administrators and operators to manage, operate and load environment categories. This is an example of module of on-demand or adaptive environment methods to application deployment.  Sixth, the security software is decomposed into components, access control and identify management are much more significant.  Without strong security, black hats could destroy the distributed architecture and commander application components or resolves to an organization’s disadvantage. ( Gillen, A., 2006)
SELinux
       By leveraging the trust of minimum privilege and over the organization of a security policy on the system, SELinux stops the negotiation of a whole system due to the negotiation of a single program running which would then be raised privileges. The second benefit is that SELinux defends the privacy and truthfulness of data. By eliminating preference from users over which way data may be operated, delicate data can be limited from inadvertent, deletion, modification or sharing when security-relevant access is taking place or when procedure struggles to open a file and caught in the kernel by SELinux. (Runge, C., 2013) (redhat.com, 2013)
      With respect to the kernel, SELinux adds a security attendant comprehending the security policy. SELinux’s detached implementation mechanism receives and smears the policy decision. The enforcement mechanism and policy are autonomous; policy changes do not necessitate variations to the implementation device. SELinux modifies numerous user- space components for distinguishing and treating policy development, role changes, security contexts, and other tasks vital for performing mandatory access control on the system. SELinux has contents, object classes, labels, policy rules, interfaces, and attributes. (Runge, C., 2013) (redhat.com, 2013)
Discretionary Access Controls (DAC)
       Most Linux and UNIX-based operating systems practice an access control tool known as Discretionary Access Control (DAC). Under a DAC scheme, directories and files on the system are labeled resolving a set of permissions on behalf of which group and user the file is proper to and what that user, group, or others interact with the object, such as reading, writing, or executing. This comparatively simple yet mainly influential scheme permits multiple users and programs to harmonize on the same system, the permissions are properly set, ensures that users have control over their objects but no others. By exploiting a program, such as a daemon (Nagios Core) that scores with filled root permissions, the user can use that database as an introduction pad for his/her preferred malicious actions on the system. (Runge, C., 2013) (redhat.com, 2013)
Mandatory Access Control (MAC)
      Mandatory access control removes security decisions from of the user. While users and groups may still own files and directories on the system, permission is eventually administrated by a security policy, that labels which users and programs can contact which objects on the system. This security policy is required over all procedures and objects on the hardware. First, the trusted operating systems that delivered mandatory access control had mostly distinct offerings from their normal counterparts. The inadequate audience is consisting of intelligence and military applications; these important systems had recognized less prominence from operating system vendors and third-party vendors alike. (Runge, C., 2013) (redhat.com, 2013)
Multi-Level Security (MLS)
     Multi-level security has a specific mandatory access control model that has confidentiality.  Traditionally, a physical separation of a dedicated system would split up among Top Secret, classified, and confidential. The multi-level security is dynamically enabled to have multi-category security which has added a discretionary labeling scheme.  (Runge, C., 2013)
Svirt
       It is important to know that sVirt repeatedly manages the virtual machine process security boundary, shielding the hypervisor, host, and other virtual machines from hacking.  An example would be each virtual machine has a process; labeled by SELinux, successfully forming a security limit around every virtual machine. The sVirt extends the SELinux classification scheme to VMs; thereby, leveraging the established SELinux capabilities and as well as providing extra significant benefits for security administration. Each system resource such as counting data files, devices, and processes labeled by a type that entitles its security sVirt dynamically labels the VM procedures have policy recognized on the VM file images. As a result, the VM technique cannot contact possessions separate of the VM. These VM process labels are applied mechanically and vigorously, stopping the administrative problem of manually labeling resources and building the entire security solution to be policy-driven-based. (redhat.com, 2013)
Benefits
    Some of sVirt’s benefits are that it has proven security on virtual environment and was co-developed by the National Security Agency.  There is protection of network resources, data files, memory, and applications.  There is protection against virus attacks across virtual machines. The sVirt has integration with SELinux protects of virtual machine resources running a Linux guest.  There is a policy driven security with low administration liability.  (redhat.com, 2013)
Hypervisor security threats
      Hypervisor security threats are when a compromised application is running on a virtual machine and attacks KVM so that it may access resources.  This can include devices within the physical machine, applications, or host operating system.  This threat is a threat vector unique in virtualization and represents a risk that the fundamental real machine would be compromised when there are sole virtual application weaknesses. (redhat.com, 2013)
VM Security threats
      This is when there is a compromised application running in a VM which attacks a hypervisor to control another VM.  This is unique to virtualization and represents risk as a multitude of VMs images are compromised with viruses due to vulnerability.  (redhat.com, 2013)
Conclusion
       An age of multi-computer households permits Linux to be an enormous savings over Windows.  Linux has all the software repositories in one place so the administrator doesn’t have to search the web for programs which are missing and the repositories come without a malicious code and Windows does not.  Most drivers are a part of the Linux kernel whereas Windows supports very little hardware and requires manufacture driver downloads.  Linux is more secure than Windows, because the firewall (iptables) is apart from the Linux kernel.  Malware is not seen in Linux, because software is installed directly from the Red Hat repositories.   (Bothwick, N., 2010)
References
Bothwick, N. (2010, December 4). 20 reasons you should switch to Linux. Retrieved from Techradar website: http://www.techradar.com/us/news/software/operating-systems/20-reasons-you-should-switch-to-linux-912294
I discuss security of Linux in my white paper, and this a relevant source, because it also discusses security of Linux. The relevance of this source is it comes from United Kingdom's Linux Format magazine. A strength of this source is that the article has a list format. A weakness of this source is that there are more than twenty reasons Linux is better than Windows, but are not listed in the source. A goal would be naming some headlines from the list of this website in my white paper, because Linux Format is legitimate.
Gillen, A. (2006). Red Hat Virtualization: Meeting the challenges of optimization. Retrieved August 21, 2013, from Red Hat website: http://www.redhat.com/f/pdf/virtualization/idc_200791.pdf
This source provides a brief history of virtualization. It is relevant, because it has the virtual access software listed. The strength of this source is that it describes the six layers of VES for Red Hat Enterprise Linux. A weakness is that was published in 2006, and there is no updated revision. The source will help explain the six layers of virtual environment software in virtual access software.
Noyes, K. (2010, August 3). Why linux is more secure than windows. Retrieved from PCWorld website: http://www.pcworld.com/article/202452/why_linux_is_more_secure_than_windows.html
I discuss security of Linux in my white paper, and this a relevant resource, because it also discusses security of Linux. A strength in this resource is the author holds a Master’s Degree in Management Information Systems and writes for the Linux Foundation. The weaknesses of this resource are that I disagree with key factor #5, Linus law, as stated in the article due to freezing. I believe this article is a great summary of key factors of Linux security, and these key factors are going to be included with my white paper.
Runge, C. (n.d.). SELinux: A new approach to secure systems. Retrieved from Red Hat website: http://www.redhat.com/rhecm/rest-rhecm/jcr/repository/collaboration/jcr:system/jcr:versionStorage/bee786240a0526027965377c1ccaded2/2/jcr:frozenNode/rh:pdfFile.pdf
The source is relevant to my white paper, because it discusses SELinux. The source talks about Access Control Mechanisms, Security Enhanced Linux itself, and SELinux architecture and design. The strength of this source is that it tells you where to deploy SELinux, and discusses recent additions to SELinux capabilities. A weakness of this source is that it does not show the limitations of SELinux and Mandatory Access Control. One of the goals of my white paper is to explain Mandatory Access Control (MAC) as well as Multi-level security (MLS) in SELinux, which are also covered in this article.
Schneier, B. (2013, June 21). US Offensive Cyberwar Policy [Blog post]. Retrieved from Schneier on Security website: http://www.schneier.com/blog/archives/2013/06/us_offensive_cy.html
This source is relevant with the cyber cold war with China, Russia, and old cold war enemies. This source discusses disrupting communications systems, and disabling national infrastructure like a power grid. The strength is it mentions the threat from China and Russia, because these countries do the most hacking. The weakness is that it doesn’t mention Red Hat Enterprise Linux. One of the goals is to focus on the cyber warfare from different countries.
Secure virtualization with sVirt. (2013). Retrieved from Red Hat website: http://www.redhat.com/rhecm/rest-rhecm/jcr/repository/collaboration/jcr:system/jcr:versionStorage/cddeee980a070d54511c17e2d78baed5/3/jcr:frozenNode/rh:pdfFile.pdf
This source is relevant, because it includes a brief history of secure virtualization with sVirt and provides industry knowledge on virtualization. A strength of the source is that it discusses powerful policy driven safety with low administration load. The weakness is that this source does not discuss the implementation of sVirt in Red Hat Enterprise Linux. This source will help me discuss sVirt and how it relates to SELinux in my paper.
SELinux and mandatory access control (MAC). (2013). Retrieved from Red Hat website: https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Virtualization_Security_Guide/sect-Virtualization_Security_Guide-sVirt-MAC.html
This resource is a manual for virtualized environments found on the Red Hat website. Since this article discusses how checking is an allowed operation once standard discretionary access controls are checked, it is relevant to my white paper, because I am talking about mandatory access control. A strength is Red Hat's credibility, since Red Hat is credible their manuals should be credible. A weakness is that the manual was short and only had a dictionary description of the topic; therefore, this does not promote adequate information for the user. The manual is going to help me with proper definitions.
SELinux for Red Hat Developers. (n.d.). Retrieved 2013, from Red Hat website: http://www.redhat.com/rhecm/rest-rhecm/jcr/repository/collaboration/jcr:system/jcr:versionStorage/e906c3960a0526014bf0b4474cffa022/2/jcr:frozenNode/rh:pdfFile.pdf
The source is relevant to my white paper, because it covers the roots of SELinux such as multi-level security (MLS), discretionary access control (DAC) and mandatory access controls (MAC). Since my paper talks about these controls, this resource will be valuable. The strength of this source is that it is a white paper, so it provides me with more knowledge on how to write my final paper. One weakness of the source is that the audience is for programmers, and may not be as well understood by non-programmers. The goal of using this resource is to help discuss SELinux's MAC and DAC in my paper.
Sobell, M. G. (2012). A practical guide to Fedora and Red Hat Enterprise Linux (6th ed.). Upper Saddle River, NJ: Prentice Hall.
This source deals with virtual machines including XEN, VMware, and KVM. This is relevant, because my white paper discusses VMware and KVM. A strength that this resource has is that it is a published book, and this only legitimatizes its credibility. A weakness is that the book has a 2012 copyright, and the information can be outdated even if it is only a year old. I will use the security knowledge from this book for my white paper since I will be discussing targeted, multilevel, and strict security.
Virtualization at Fujitsu. (2013). Retrieved from Archive.org website: https://archive.org/download/WpVirtualization/wp-virtualization.pdf
This source explains what virtualization is. I discuss a lot about virtualization in my white paper; therefore, this is relevant. This paper discusses the best known technologies including Red Hat Enterprise Linux, and this is a strength, because my paper is about Red Hat. The weakness is that Fuijitsu is from Japan; therefore, I cannot use some of the Fujistu-centric terminology, because it is proprietary to that company. Since one of the goals in my white paper is to discuss virtualization, this should be an informative resource.



No comments :