File Lock - Pea


Input: File path F, Request R (principal, process_hash, mode)
Output: Lock granted (true/false)

1. Retrieve extended attribute `pea_policy` from F.
2. If `pea_policy` does not exist → fallback to standard lock.
3. Compute trust_score = (process_hash in whitelist ? 10 : 5) - (recent audit_violations * 2).
4. If trust_score < policy.min_trust → return false.
5. If mode == WRITE and principal not in allowed_principals → return false.
6. Acquire kernel lock + apply encryption anchor.
7. Log event to `/var/log/pea_audit.json`.
8. Return true.

We tested PEA against three scenarios using a 100GB corpus of mixed files (logs, source code, binaries).



```yaml
version: "1.0"
fileset: "/data/sensitive/*.db"
policy:
  default_lock: mandatory_shared
  max_readers: 5
  allowed_writers:
    - user: db_svc
      process: /usr/bin/postgres
  encryption_anchor: true
  audit_failures: true
```
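Steps 2 to 5 of the algorithm above, as an added Python example (not code from the original page or from PEA itself). The `Decision` names, the `min_trust` value, the hash strings and the mapping of the policy's writer `db_svc` to `allowed_principals` are assumptions; the kernel lock, encryption anchor and audit log of steps 6 and 7 are left out.

```python
# Added example: decision steps 2-5 only. All names and values are assumed.
from dataclasses import dataclass
from enum import Enum
from typing import Optional


class Decision(Enum):
    FALLBACK_STANDARD_LOCK = "fallback"   # step 2: no pea_policy attribute
    DENIED_LOW_TRUST = "low_trust"        # step 4
    DENIED_PRINCIPAL = "principal"        # step 5
    GRANTED = "granted"                   # steps 6-8 would follow


@dataclass(frozen=True)
class Request:
    principal: str
    process_hash: str
    mode: str  # "READ" or "WRITE"


def trust_score(process_hash, whitelist, recent_violations):
    # Step 3: (process_hash in whitelist ? 10 : 5) - (recent audit_violations * 2)
    return (10 if process_hash in whitelist else 5) - recent_violations * 2


def evaluate(policy: Optional[dict], req: Request, whitelist, recent_violations):
    if policy is None:
        return Decision.FALLBACK_STANDARD_LOCK
    if trust_score(req.process_hash, whitelist, recent_violations) < policy["min_trust"]:
        return Decision.DENIED_LOW_TRUST
    if req.mode == "WRITE" and req.principal not in policy["allowed_principals"]:
        return Decision.DENIED_PRINCIPAL
    return Decision.GRANTED


# Constructed sample data: the hash strings and min_trust are placeholders.
GOOD = "sha256:postgres-build-placeholder"
WHITELIST = {GOOD}
POLICY = {"min_trust": 6, "allowed_principals": {"db_svc"}}

if __name__ == "__main__":
    cases = [
        (Request("db_svc", GOOD, "WRITE"), 0),   # whitelisted, clean history
        (Request("db_svc", GOOD, "WRITE"), 3),   # three recent audit violations
        (Request("alice", GOOD, "WRITE"), 0),    # principal not an allowed writer
        (Request("alice", "sha256:unknown-placeholder", "READ"), 0),
    ]
    for req, violations in cases:
        print(req.principal, req.mode, violations, evaluate(POLICY, req, WHITELIST, violations).value)
```

Because a non-whitelisted process with no violations scores exactly 5, any `min_trust` of 5 or lower lets unlisted binaries take read locks, since step 5 checks the principal only for writes.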
