Almost two months after the launch of the IoT-based Azure Cloud Platform, Microsoft has now announced a new Linux security module (LSM) for embedded devices. The security module, called Integrity Policy Enforcement (IPE), aims to resolve the integrity problem in the Linux kernel by adding a new security feature.
What Is Integrity Policy Enforcement (IPE)?
IPE is a Linux security module that checks the code integrity on the whole system restricting any unauthorized code execution. Administrators have full control over the running of authorized processes.
As per the official notes, a system admin can also create a list of binaries with corresponding verification attributes. This helps IPE to run only the binaries having verified attributes and block the malicious or altered binary code.
If you don’t know, the Azure IoT platform implements the same Linux kernel. Hence, the IPE project is specially designed for embedded systems with specific purposes like network firewall devices in a data center. However, you cannot use the IPE for general-purpose computing.
How does IPE differ from other Linux security modules?
Although the Linux kernel already has several modules for integrity verification like IMA. IPE specifically offers run time verification of binary code. Microsoft claims that IPE differs from other LSMs in various ways which provide integrity checking.
For instance, IPE has no dependency on file system metadata and attributes that IPE checks. Moreover, IPE does not implement any mechanisms to verify IMA signature files. This is because Linux kernel already has modules for the same like dm-verity.
Owners of the system can build their own policies for integrity checks and utilize built-in dm-verity signatures to authenticate codes.
To conclude, the new project brings a new Linux security module that other modules fail to do to secure the system from malicious code execution.
