Linux Security Summit 2013/Abstracts/Johansen2
The AppArmor Labeling Model
John Johansen, Canonical
This presentation would cover in greater detail the AppArmor labeling extension. Specifics of how ApppArmor's labeling model works, and design decisions that where made around the model and implementation.
This will include a discussion of the interaction of object labeling with access path based rules. The relationship between AppArmor's labeling and types, how types can be derived from AppArmor policy, and why labeling is not always a type.
Some performance analysis and comparisons with older versions of AppArmor will can be covered if time permits.