• Press Kit
• Pictures
• Distribution List
• Archiv  

Anoubis limits Access Rights for increased Security

• Download as PDF

New Open Source Security Solution for Linux and OpenBSD Clients with easy-to-operate Interface for inexperienced Users

Kirchheim near Munich, Germany, 18 June, 2009. Anoubis closes security hole in PC workstations: even inexperienced users can now use the easy-to-operate Security Suite to restrict their PC applications access rights to essential files and network connections only. This custom allocation therefore replaces the existing procedure, which grants every application the full range of rights assigned to the user, opening up a favorable route for hackers to gain unrestricted access to the entire system via any application. Anoubis has been developed by GeNUA on behalf of the German Federal Office for Information Security (BSI). The open source solution runs on PCs and laptops with Linux or OpenBSD operating systems and is available for free download at the following link:

• www.anoubis.org

Attacks on IT systems and data are routed in the misuse of access rights. The more liberally such rights are assigned, the easier it becomes for successful attacks to be initiated. For example: an employee surfs a website containing a small program. The browser downloads and executes the program unnoticed by the user, and the program then collects all available data on the host computer and sends it to an online server. Since the access rights are tied to the user, the browser retains access to a vast quantity of data that it does not require to fulfill its actual purpose (i.e. to display websites). The new Anoubis solution facilitates restrictive access rights control in this regard, preventing access to such data.

Anoubis links Access Rights to Applications

With the Anoubis Security Suite, each application installed on the host PC or laptop is assigned only the specific access rights that are required to ensure problem-free operation. In contrast to other security solutions, Anoubis provides a rights allocation user interface that is specifically designed for use by inexperienced users. The basic configuration is selected via the mouse from several default profiles that meet a range of security requirements; a help system for extra features is also available from the menu. An expert mode facilitates special configurations. Anoubis also facilitates the creation of a superordinate administrator role that can be used, for instance, to preset standardized corporate-wide policies governing application access rights on laptops that individual users can only increase in terms of stringency, but cannot undercut.

Firewall and Sandbox Monitor Application Access

The access restrictions imposed by Anoubis are enforced by a personal firewall and a sandbox: the firewall allows the application in question to establish explicitly authorized network connections only, while the sandbox filters access to the file system. The Security Suite also uses checksums to prevent access rights manipulation: each application running subject to rights administration is assigned a checksum. If a hacker succeeds in manipulating an application, this is recognized on the basis of the erroneous checksum, and access of any nature is then prohibited.

Open Source Solution for Linux and OpenBSD

Anoubis is an open source solution available to companies, public authorities, and private users free of charge to patch the security hole affecting application-related access rights. The solution has been developed by the German IT security specialist GeNUA on behalf of the BSI, and runs on the Linux distributions Debian, RedHat, Ubuntu, and Fedora, and also OpenBSD. The security solution is additionally subject to ongoing development by GeNUA with a subsequent version set to offer a centralized management tool for a multitude of Anoubis clients, amongst other features.

About GeNUA

GeNUA, Gesellschaft für Netzwerk- und Unix-Administration, is a German company specializing in IT security. The company develops firewalls, remote maintenance and VPN solutions, data optimization for satellite communications, ongoing system management, and offers a comprehensive range of services. The GeNUGate and GeNUScreen firewalls are certified by the German Federal Office for Information Security (BSI) to the demanding Common Criteria (CC) level EAL 4+. Thanks to its impregnable self-protection system, GeNUGate is also the only firewall system worldwide to be classified as "Highly Resistant". Many businesses and public agencies rely on the experience and solutions of GeNUA, a company that was founded in 1992 and that employs more than 120 staff at its location in Kirchheim near Munich, Germany.

Further Information:

GeNUA
Gesellschaft für Netzwerk- und Unix-Administration mbH
Dietmar Bruhns
Domagkstrasse 7
85551 Kirchheim
Germany
fon +49 (89) 99 19 50 169
fax +49 (89) 99 19 50 999
dietmar_bruhns@genua.eu
www.genua.eu