Lead Image © Kirsty Pargeter, 123RF.com

Securing AI model deployments with SELinux

Blocked

Article from ADMIN 88/2025
We assess the effectiveness of SELinux in protecting AI model deployments on RHEL 9, demonstrating its ability to block unauthorized access, modification, and resource exploitation through mandatory access control.

Artificial intelligence (AI) model deployments are increasingly targeted by attackers aiming to steal sensitive data, tamper with models, or exploit computational resources. Security-Enhanced Linux (SELinux), a mandatory access control (MAC) framework, offers robust protection beyond traditional discretionary access control (DAC). In this article, we investigate the effectiveness of SELinux in securing AI workloads on Red Hat Enterprise Linux (RHEL) 9 through experiments simulating real-world attack scenarios. Our objectives are to evaluate the Linux security module's ability to prevent unauthorized model modification, workload execution, data theft, and directory tampering.

Prior studies have explored SELinux for securing enterprise systems [1], but its application to AI deployments remains underexplored. Research on AI security highlights vulnerabilities in model files and compute resources [2]. Our work bridges this gap by demonstrating the role that SELinux can play in protecting AI systems.

Methodology

Experiments were conducted on RHEL 9, a modern enterprise-grade platform. We deployed a ResNet-18 model, an 18-layer convolutional neural network (CNN) implemented in PyTorch, with a Flask API and simulated attacks under two conditions: SELinux in permissive mode (relying on DAC) and SELinux in enforcing mode (with MAC). Attack scenarios included unauthorized model modification, workload execution, file theft, and directory tampering. SELinux policies assigned specific roles (e.g., staff_u) and file contexts (e.g., public_content_t).
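The two test conditions can be told apart in the audit log, because each AVC denial record carries a `permissive=` field. The following added example (not code from the article) parses AVC records and separates denials that were only logged from denials that were enforced; the log lines are constructed, and the model file name `resnet18.pth`, PIDs, and timestamps are assumptions.

```python
import re
from collections import Counter

# Constructed audit.log excerpt (not from the article). The file name
# resnet18.pth, PIDs, inode and timestamps are assumed for illustration.
SAMPLE_LOG = """\
type=AVC msg=audit(1750000000.101:411): avc:  denied  { write } for  pid=2301 comm="python3" name="resnet18.pth" dev="dm-0" ino=790 scontext=staff_u:staff_r:staff_t:s0 tcontext=system_u:object_r:public_content_t:s0 tclass=file permissive=1
type=AVC msg=audit(1750000300.202:502): avc:  denied  { write } for  pid=2410 comm="python3" name="resnet18.pth" dev="dm-0" ino=790 scontext=staff_u:staff_r:staff_t:s0 tcontext=system_u:object_r:public_content_t:s0 tclass=file permissive=0
type=AVC msg=audit(1750000301.303:503): avc:  denied  { remove_name } for  pid=2411 comm="rm" name="resnet18.pth" dev="dm-0" ino=790 scontext=staff_u:staff_r:staff_t:s0 tcontext=system_u:object_r:public_content_t:s0 tclass=dir permissive=0
type=SYSCALL msg=audit(1750000301.303:503): arch=c000003e syscall=263 success=no exit=-13
"""

PERM_RE = re.compile(r"avc:\s+denied\s+\{([^}]*)\}")
FIELD_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')


def parse_avc(line):
    """Return a dict for one AVC denial record, or None for any other line."""
    perms = PERM_RE.search(line)
    if not line.startswith("type=AVC") or perms is None:
        return None
    f = {k: v.strip('"') for k, v in FIELD_RE.findall(line)}
    # A context is user:role:type:level; the level may itself contain colons.
    s_user, s_role, s_type = f["scontext"].split(":", 3)[:3]
    t_type = f["tcontext"].split(":", 3)[2]
    # permissive=1: SELinux logged the denial but did not enforce it.
    # permissive=0: the MAC policy refused the access.
    outcome = "logged_only" if f.get("permissive") == "1" else "blocked"
    return {"comm": f.get("comm"), "name": f.get("name"),
            "perms": perms.group(1).split(), "tclass": f.get("tclass"),
            "source_user": s_user, "source_type": s_type,
            "target_type": t_type, "outcome": outcome}


def classify(log_text):
    """Parse every AVC denial in a block of audit log text."""
    return [r for r in map(parse_avc, log_text.splitlines()) if r]


def summarize(records):
    """Count denials per outcome (logged_only vs. blocked)."""
    return dict(Counter(r["outcome"] for r in records))


if __name__ == "__main__":
    for r in classify(SAMPLE_LOG):
        print(r["outcome"], r["comm"], r["perms"], r["name"], r["target_type"])
    print(summarize(classify(SAMPLE_LOG)))
```

A `logged_only` record for a model file means the policy would have stopped the access but SELinux was not enforcing at the time, so the write itself still needs to be investigated.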

Unauthorized AI Model Modification

The objective was to evaluate SELinux's ability to prevent unauthorized modification of deployed AI model files. A ResNet-18 model was stored

...