Path: euryale.cc.adfa.oz.au!newshost.anu.edu.au!harbinger.cc.monash.edu.au!newsroom.utas.edu.au!munnari.OZ.AU!news.ecn.uoknor.edu!news.ysu.edu!usenet.ins.cwru.edu!pravda.aa.msen.com!nntp.coast.net!news.kei.com!newsfeed.internetmci.com!news.ac.net!pacifier!rainrgnews0!news.aracnet.com!news
From: beattie@coyote.aracnet.com (Brian Beattie)
Newsgroups: comp.os.linux.development.system,comp.os.linux.misc,comp.os.linux.networking,comp.unix.bsd.freebsd.misc,comp.unix.bsd.netbsd.misc,comp.unix.bsd.bsdi.misc
Subject: Re: need secure OS to entrust millions to
Date: 10 Mar 1996 05:57:14 GMT
Organization: aracnet.com -- Portland's loudest electrons
Lines: 53
Message-ID: <4htqvq$d5o@cobweb.aracnet.com>
References: <4gi6t6$3h9@lace.colorado.edu> <31304401.3341@pinsight.com> <4gq2j9$2g48@babyhuey.cs.utexas.edu> <nhammond.3.00AE67CD@mindspring.com>
NNTP-Posting-Host: ppp-t31.aracnet.com
X-Newsreader: knews 0.9.3
Xref: euryale.cc.adfa.oz.au comp.os.linux.development.system:19005 comp.os.linux.misc:90734 comp.os.linux.networking:31154 comp.unix.bsd.freebsd.misc:15179 comp.unix.bsd.netbsd.misc:2424 comp.unix.bsd.bsdi.misc:2596

In article <nhammond.3.00AE67CD@mindspring.com>,
nhammond@mindspring.com (Nicolas Hammond) writes:
>In article <4gq2j9$2g48@babyhuey.cs.utexas.edu> dhs@cs.utexas.edu (Douglas H. Steves) writes:
>>From: dhs@cs.utexas.edu (Douglas H. Steves)
>>Subject: Re: need secure OS to entrust millions to
>>Date: 25 Feb 1996 10:26:17 -0600
>
>>In article <31304401.3341@pinsight.com>,
>>Roy A. Gilmore <royg@pinsight.com> wrote:
>>>Banks need B1-B2 level security.
>>No. Most of the functional differences at B1+ are related
>>to mandatory [sic] access controls, which is a DoD-ish
>>policy/fetish that doesn't apply to commercial environments.
>>A lot of the remainder are miscontrived and misconstrued
>>software engineering fallacies that have nothing to do with
>>real security.
>
>I used to work at SecureWare (I now have my own consulting company)
>and was the one responsible for setting up the "secure" machine for
>Security First Network Bank (www.sfnb.com), the world's first
>on-line bank. I also helped with the design of the entire security
>architecture. I have also set up other banks, including the first bank offering
>on-line services in Central America. I have also set up commercial Web
>sites that "protect millions" (usually data, but data critical to some
>fortune-100 companies).

I also used to work at SecureWare, although not as long as Nick,
although I had been working with Trusted Computing for almost as
long as SecureWare had been around.

I must agree with most of the points that Doug made. That is,
most of the Rainbow series is either irrelevant or wrong for commercial
concerns. I also have a lot of problems with most implementations of
DoD type security, but that is another matter.

Nick has a very good point, and I agree with it, that having a system with
a defined level of assurance, one that has been reviewed and tested by
an independent authority, one that includes detailed documentation on
the "correct" operation, is important. Other than that, no DoD level is
better than standard UNIX security for "most" commercial applications.

That said, the assurance issue is a major one, and for that reason alone
I would steer clear of Free unixes for applications requiring high
assurance, unless you want to do the work required to have that assurance.

The rest of what Nick says about levels is pure gospel according to NCSEC
and pretty much smoke and mirrors. That is to say, if your security
can be breached at one level, it can probably be breached at any level.

-- 
Brian Beattie          | [From an MIT job ad] "Applicants must also have
                       | extensive knowledge of UNIX, although they should
beattie@aracnet.com    | have sufficiently good programming taste to not
Fax (503)331-8186      | consider this an achievement."