*BSD News Article 62905



Path: euryale.cc.adfa.oz.au!newshost.anu.edu.au!harbinger.cc.monash.edu.au!bunyip.cc.uq.oz.au!munnari.OZ.AU!uunet!in2.uu.net!panix!not-for-mail
From: tls@panix.com (Thor Lancelot Simon)
Newsgroups: comp.os.linux.development.system,comp.os.linux.misc,comp.os.linux.networking,comp.unix.bsd.freebsd.misc,comp.unix.bsd.netbsd.misc,comp.unix.bsd.bsdi.misc
Subject: Re: need secure OS to entrust millions to
Date: 24 Feb 1996 21:32:40 -0500
Organization: Panix
Lines: 38
Message-ID: <4goho8$kfc@panix2.panix.com>
References: <4gi6t6$3h9@lace.colorado.edu> <4gl7os$9av@skate.demon.co.uk>
Reply-To: tls@rek.tjls.com
NNTP-Posting-Host: panix2.panix.com
Xref: euryale.cc.adfa.oz.au comp.os.linux.development.system:18776 comp.os.linux.misc:90234 comp.os.linux.networking:30818 comp.unix.bsd.freebsd.misc:14967 comp.unix.bsd.netbsd.misc:2395 comp.unix.bsd.bsdi.misc:2558

In article <4gl7os$9av@skate.demon.co.uk>,
Iain Hibbert <plunky@skate.demon.co.uk> wrote:
>Bryce <wilcoxb@cs.colorado.edu> writes:
>> I'm writing documentation which advises banks on how to
>> set up an electronic banking software package on a
>> Net-connected, firewall-protected Intel box.  Some of the
>> most important banks in the world will be reading this
>> documentation very soon.
>
>most any unix system is easily capable of doing what you
>outline, free unixes included..
[deletia]

Since he hardly "outlines" anything, I guess you get this one on a
technicality.

On the other hand, "most any unix system is easily capable of meeting formal
security requirements", which is how I'd describe the melange of what you're
saying and what he's saying, is definitely a very dangerous fallacy.

If you really think that it's true, I suggest that you try to spend a few days
in one of Matt Bishop's UNIX security courses.  He gives lots of specific UNIX
advice, but the most valuable part from my point of view is the material on
formal security analysis and methodology.  It's sketchy to say the least, but
it points towards a huge body of work which is almost unknown in the UNIX
community.

If you want to meet formal, military-style computer security requirements,
run a certified secure operating system like Trusted Solaris or TIS'
Trusted Mach.  Pretending that traditional UNIX is genuinely secure will put
you in a world of hurt.

I would suspect that banks handling large multimillion dollar transactions
have, in fact, security requirements that strict, even if they sometimes
choose to ignore them.
-- 
 Thor Lancelot Simon	                                      tls@rek.tjls.com
                        love is an angel disguised as lust