The Certifiable Linux Integration Platform (CLIP) project provides a security hardened operating system platform to host secure applications. CLIP defines a specific configuration of Security Enhanced Linux (SELinux) designed to provide the foundation for hosting secure applications. This configuration consist of a separation of roles, mandatory access control (MAC), discretionary access control (DAC), and data separation. With this foundation in place, the hosted application need only concern itself with the specific security details of its task and not necessarily those associated with these overhead functions. By using CLIP, implementers can provide evidence of compliance with established operating system security requirements. These established operating system security requirements are:
The requirements identify the following four areas: Confidentiality, Integrity, Availability and Accountability. CLIP is designed to support these areas in the following manner.
CLIP currently consists of the following two instances:
The goals for the the CLIP Project are to provide the following items: