Demystify SELinux - Learn it by doing it

This workshop will provide insights to bring pro-active security, understanding of SELinux terminology, SELinux utilities and its associates.The workshop will also explain SELinux policy creation for custom applications. Together with participants we will go through attack vectors and malicious methods used by attackers directly in confrontation with SELinux also how SELinux policy can be carried over into modern container-based environments using Ansible.

Speaker/Instructor:
Binitha MT and Sangamesh Koradhanyamath; Software Senior Engineer, DELL EMC
K S R Prasanth; Software Principal Engineer, DELL EMC, Pavas Handa, Software Engineer II, DELL EMC

Date: 17th October 2019

Time: 03:30 PM to 06:00 PM

Venue: Workshop Room 4, NIMHANS Convention Centre, Bangalore.

Fee: Rs. 3999/- (Limited seats available)

Objective of the workshop

This workshop will provide insights to bring pro-active security, understanding of SELinux terminology, SELinux utilities and its associates

Who can attend this workshop?

The workshop can be attended by Beginner and Intermediate Linux Engineers, System Architects, DevOps and Security Engineers

What all will be covered in the workshop

Introduction, Agenda and scope of the day – 15 min
W’s of SELinux – 30 mins
- DAC vs MAC
- Analysis of real time Linux exploits/ vulnerabilities
- SELinux Architecture
- Rule Based Access Control
- Multi Level Security
- Multi Category Security
- Domains and types, security context, domain and type transition

Analysis of targeted SELinux policy – 15 min
- Source code analysis of RHEL / CentOS and Tresys Reference Policy
- Types and modes
- Filesystem locations

Program/Lab/Troubleshoot – 60 mins
- SELinux module development and compilation
- Interfaces and macros
- Aliases, types and attributes
- Boolean variables
- AVC – Access vector Cache
- Utilities for SELinux module development
- Pros and Cons
- Guidelines for SELinux Policy development
- SELinux for Containers
- Deploy policy using Ansible

Wrap-up/Questions/Networking – 15 mins

Benefits/Takeaways of this workshop for the attendees

Understand the traditional Linux Permission
W’s of SELinux
Understand SELinux types, policies, rules
Enable them in creating , writing and troubleshooting SELinux Policies.
How to enable SELinux in Mobile and Container application using Ansible

Pre-requisites to attend the workshop

Its a BYOD
At least 20GB of free disk space
At least 8GB of RAM
Participants should have the Virtualbox installed on their machine
Full Admin access on your laptop
Fedora Virtual Machine (ISO will be provided)

About Speakers

Binitha MT
Binitha MT is a Software Senior Engineer at Dell EMC with a total of 4 year of experience in Server Administration domain. She is passionate about data mining and search engines. Besides this, she is a core member of Women in Technology and an NGO activist. A happy to go person and a great Team player.

Sangamesh Koradhanyamath
Sangamesh Koradhanyamath is a Software Senior Engineer at Dell EMC. He has about 8+ years of experience in System Management. He loves to code and dissect intricate problems and a strong believer of the Unix philosophy. A keen interest in Linux and ability to solve complex problems are his trait.

K S R Prasanth
Prasanth K S R is an Honest, Open minded professional and an avid lover of Linux and Open Source who believes in sharing knowledge. He is currently working as Software Principal Engineer at Dell EMC. He has over 10 years of solid understanding of a diverse range of IT infrastructure, systems management. He loves what he does with a unique differentiator of managing complex problems with many variables. He constantly thrives to build things better helping the organization ready for the future.

Pavas Handa
Pavas Handa Software Engineer II has one-year experience and has completed her post-graduation from IIIT, Delhi. She has done projects related to Data Mining, Probabilistic Graphical Model and NLP. She is interested in exploring more areas in ML/AI.