Handling security in enterprise environments. Lots of NIST documents to read.

Basic security principles, policy, certification, etc, etc...

Pretty much exactly what it sounds like.

My main goal for this semester is to clean up libeat, a simple userland library that handles extended attribute trees for RAAC. Current issue with the library that I know of:

• Does not check for existing extended attributes when writing RAAC permissions, effectively deleting them.
• Filesystem specific limits on extended attribute size is not taken into account, libeat currently uses a set max size that works with my testing programs.
• The code is dirty. Like really dirty. Like I'm-sorta-ashamed-to-claim-it-as-my-own dirty. This was my first foray into pure C (I learned to program in C++, then moved to Java in college). There are just enough subtle differences that jumping in head first didn't really work that well, especially given how long it had been since I worked with C++ even. Not to mention all the other crap which has gone on the last couple of years.

NDPEA provides a means for hosts to disable/enable portions of the SELinux policy in response to alerts from host- and network-based sources. Though this started as an idea of an alum that worked in our lab, I think my modifications will make it a lot more useful. We published a paper on it in March 2006. Now I'd like to develop some reasonable rule-sets and policy, and start looking into labeled IPsec and "programmable security" utilizing NDPEA.

Mud client geared for use with RetroMUD, a game I sorta got into over in Germany (the userbase is far from being mostly German, but I met a number German speakers there). I don't play so much these days, but still have a number of internet friends that I first met there. This project is mostly to play around with various stuff, from network programming to Java gui interfaces, as well as address some of the short comings of the clients I've seen out there. It's basic architecture consists of a pair of bare network pipes with stacks of plugins between them and the user interface. Virtually all features will be implemented as plugins. Right now it's basically just a glorified telnet client, but eventually I want to move it over to a SWT interface.

I'm actually thinking about writing this in Python now.

I got involved in this game while I was over in Germany (after I ran out of money). It's a Multi User Domain/Dungon, sort of like a text-based MMORPG (e.g. World of Warcraft). It's a rather complex game, has a backstory and environment that has grown on me, and the community is rather awesome. I have three characters: Madrados, a turtle mage/bard that specializes in drowning things while studying, recording, and compiling the history of the Retroverse; Endor, a half-insane shadow assassin; and Ruthven, my originally vampire swashbuckler turned gargoyle paladin turned minotaur "fake-jomsviking" fighter. I've never done much in the way of RPGs, so this has been interesting.