Integrity
Integrity is a Gentoo Hardened subproject aiming for the integration of off-line system integrity technologies within Gentoo.
This project will support the Linux IMA/EVM technology within Gentoo Linux, which performs integrity checks during boot. The primary focus is to prevent tampering with files, settings and images: when tampering occurs, the boot-up of the system detects it and refuses to load further (or reports it to the administrator). The project will support the necessary kernel patches, utilities and documentation. The goal is to make off-line integrity checks, compliance checks and reporting available to the wider public.
Next to the integrity subsystem within Linux (IMA/EVM), this project will also support the various trusted computing technologies (such as TPM support) through well-documented guides and tools.
Integrity resources
About IMA and EVM
- Introduction and Concepts gives a high-level introduction to system integrity and some of the involved technologies
Intrusion Detection Systems
- AIDE is the Advanced Intrusion Detection Environment and is a simple yet powerful method for online or offline integrity scanning.
Limitations
Online tampering detection support is a later goal. Other integrity-related technologies, compliance checks and reporting technologies will also be supported sometime in the future. Also see qcheck for Portage-related on-line integrity checking.
See also
- System Integrity subproject page
- Integrity Measurement Architecture — is responsible for calculating the hashes of files and programs before they are loaded