Security Enhanced Linux implements fine-grained mandatory access control. Despite its usefulness, the overhead of implementing it on embedded devices is prohibitive. Therefore, in the past it has been proposed to accelerate SELinux by means of dedicated hardware; in this work we demonstrate the feasibility of such an approach by implementing a hardware accelerator for SELinux on a FPGA-based platform. Our implementation obtains a huge reduction in the performance overhead and energy consumption of SELinux, yet employing a limited chip area.
17th Asia and South Pacific Design Automation Conference, ASP-DAC 2012