Umbrella, We can't prevent the rain - But we don't get wet

Student thesis: Master's thesis and HD graduation project

  • Søren Nøhr Christensen
  • Kristian Sørensen
  • Michel Thrysøe
4th semester, Computer Science, Master (Master's programme)
This master's thesis describes the Umbrella security mechanism for Linux on handhelds. Umbrella implements a combination of process-based mandatory access control and authentication of files.

Umbrella is implemented on top of the Linux Security Modules framework in Linux kernel 2.6. An HP iPAQ PDA has been used for implementation and testing purposes.

The mandatory access control scheme is enforced at process level, by a set of restrictions for each process, where every process has at least the restrictions of its parent. When a process spawns a new child process, it is possible for the programmer to specify a more restrictive context for this child. Thus, it is possible for the programmer to enforce the principle of least privilege for possibly dangerous child processes.
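The inheritance rule described above can be modelled in user space. This is an added illustration, not code from the thesis or from Umbrella: representing a restriction as a denied path subtree, and the names `struct proc`, `spawn_restricted` and `may_access`, are assumptions made for the example.

```c
#include <stdio.h>
#include <string.h>
#define MAX_RESTR 16
/* Hypothetical model: one restriction = one denied path subtree. */
struct proc { const char *denied[MAX_RESTR]; int n; };

/* The only mutator adds; nothing removes, so sets only grow. */
static int restrict_add(struct proc *p, const char *path)
{
    for (int i = 0; i < p->n; i++)
        if (strcmp(p->denied[i], path) == 0)
            return 0;                     /* already present */
    if (p->n == MAX_RESTR)
        return -1;
    p->denied[p->n++] = path;             /* caller keeps string alive */
    return 0;
}

/* Child inherits every parent restriction, then adds its own. */
int spawn_restricted(const struct proc *parent, struct proc *child,
                     const char *const extra[], int n_extra)
{
    *child = *parent;
    for (int i = 0; i < n_extra; i++)
        if (restrict_add(child, extra[i]) != 0)
            return -1;                    /* fail closed: no spawn */
    return 0;
}

/* 1 if allowed; whole components only (/etc != /etcetera), no normalisation. */
int may_access(const struct proc *p, const char *path)
{
    for (int i = 0; i < p->n; i++) {
        size_t len = strlen(p->denied[i]);
        if (len && strncmp(path, p->denied[i], len) == 0 &&
            (path[len] == '\0' || path[len] == '/' ||
             p->denied[i][len - 1] == '/'))
            return 0;
    }
    return 1;
}

int main(void)
{
    const char *const a[] = { "/etc" };          /* constructed sample */
    const char *const b[] = { "/home/user" };    /* constructed sample */
    struct proc init = { {0}, 0 }, browser, plugin;
    spawn_restricted(&init, &browser, a, 1);
    spawn_restricted(&browser, &plugin, b, 1);
    printf("%d %d\n", may_access(&browser, "/home/user/x"), may_access(&plugin, "/etc/passwd"));
}
```

Because the child's set is built by copying the parent's and only ever adding to it, a grandchild is denied everything its ancestors were denied, regardless of what it requests for itself.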

Vendors provide signed executables by means of public key cryptography. The signature consists of a set of restrictions to be set at time of execution and a hash value of the executable. The latter enables Umbrella to check if the file has been altered.

The process-based MAC part of Umbrella has been successfully implemented, and the file-system-related implementation is pending work. Furthermore, Umbrella has been benchmarked for performance, and methods for verifying LSM have been investigated.
Language: Danish
Publication date: Jun. 2004
ID: 61060982