Star Lab's Linux Unprivileged Root Environment (LURE) product addresses threats to embedded Linux devices by locking down and hardening the deployment software configuration, and ensuring there is no administrative way to bypass system protections at rest, startup, or runtime.
Implementing high-level capabilities such as mandatory access control (MAC), functionality removal, isolation/containerization, and file integrity, LURE provides easy-to-integrate capabilities for increasing system security, and helps ensure the integrity and confidentiality of critical system information even in the face of a dedicated attacker.
LURE enables embedded manufacturers to provide: enforcement and integrity verification of system configuration, OS hardening and attack surface reduction, system resource access control, secure software updates, application containerization, intellectual property/data protection, and jailbreaking prevention and execution of unauthorized applications.
- Application containerization
- Enforcement and integrity verification of system configuration
- IP/data protection
- Jailbreaking prevention and execution of unauthorized applications
- OS hardening and attack surface reduction
- Secure software updates
- System resource access control