Firewall Wizards mailing list archives
Re: firewalls and the incoming traffic problem
From: Rick Smith <rsmith () visi com>
Date: Wed, 1 Oct 1997 22:08:01 -0500
At 8:58 AM -0500 9/29/97, Bennett Todd wrote:
I think something that's closer to implementable, and that may just give us the boost we need to last for another decade or two, will be a richer security infrastructure. There's a basic concept out there, for which I don't have a good name; it lies underneath the Mandatory Access Control notions of the rainbow book series, and TIS's Domain Type Enforcement. It also lies behind the dataflow security implementation in Perl.
I'm not sure that's an accurate interpretation of TIS' Domain Type Enforcement. The basic concept is derived from SCC's type enforcement which *is* a mandatory access control mechanism operating in a reference monitor context. TIS' work essentially applied it to access controls in a networking context. Perhaps a TIS person could give their own opinion, but the two are different. Rick. smith () securecomputing com secure computing corporation "Internet Cryptography" in bookstores http://www.visi.com/crypto/
Current thread:
- RE: firewalls and the incoming traffic problem Dominique Brezinski (Oct 01)
- RE: firewalls and the incoming traffic problem Phil Cox (Oct 09)
- <Possible follow-ups>
- Re: firewalls and the incoming traffic problem Darren Reed (Oct 01)
- Re: firewalls and the incoming traffic problem David Collier-Brown (Oct 01)
- Re: firewalls and the incoming traffic problem Rick Smith (Oct 02)
- Re: firewalls and the incoming traffic problem Rick Smith (Oct 02)
- Re: firewalls and the incoming traffic problem Aleph One (Oct 02)
- Re: firewalls and the incoming traffic problem Hal Feinstein (Oct 02)
- RE: firewalls and the incoming traffic problem Bill Stout (Oct 10)
- RE: firewalls and the incoming traffic problem Bill Stout (Oct 13)
- Re: firewalls and the incoming traffic problem Adam Shostack (Oct 13)