The scarcity of security companies peddling enterprise-class wares at LinuxWorld could mean that the job of making Linux definitively more secure than its proprietary counterparts will owe more to initiatives in Washington, DC, than Silicon Valley innovations. . .
The scarcity of security companies peddling enterprise-class wares at LinuxWorld could mean that the job of making Linux definitively more secure than its proprietary counterparts will owe more to initiatives in Washington, DC, than Silicon Valley innovations.

Overall, the products on hand lacked the originality and brand-name clout needed to wow enterprises. In the end, a development effort with the aim of making Linux a staple of governments worldwide may be what most convinces big business that the OS is secure and enterprise-worthy. The National Security Agency gave open-source software an initial boost when it pioneered the security-enhanced Linux OS (SELinux) prototype a year ago, but today universities are picking up the torch. The focal point of the current open source security push is the Cyberspace Policy Institute (CPI) at The George Washington University, which is spearheading the Project E-Government Operating System (EGOVOS). At an EGOVOS conference session at LinuxWorld, panel members made clear just how ambitious their project is. Their goal? Make Linux bulletproof and governments will be compelled to adopt it.

The lynchpin in SELinux security is mandatory access control, a method that NSA championed as early as October 1998 in a white paper on computer security failures. The problem is, mandatory access control systems can't do a thing if they don't have rules to follow. Having your developers write all those rules would be cumbersome to say the least, a fact not lost on CPI.

The link for this article located at ZDNet is no longer available.