funsec mailing list archives

Re: Dangerous promises...


From: Gadi Evron <ge () linuxbox org>
Date: Fri, 13 Nov 2009 06:46:36 +0200

Valdis.Kletnieks () vt edu wrote:
> On Fri, 13 Nov 2009 06:01:08 +0200, Gadi Evron said:
>
>> Virtualization by compartmentalization? I haven't heard of Biba.
>
> You haven't?  You're deserving of getting smacked about with a large trout. ;)


And indeed, I admit my lack of knowledge. Thanks for the references.

Regardless, SecureOL was a startup a friend of mine started a few years 
ago. They used to do the same concept in a way which I trusted. And yet 
they never claimed to be infallible. These new guys are just claiming 
idiocy, but I am giving them, rather than their claims, the benefit of 
the doubt.


> http://en.wikipedia.org/wiki/Biba_model
> http://en.wikipedia.org/wiki/Bell-LaPadula_Model
>
> (And in today's "connect the dots", the Roger Schell who helped with the
> Bell-LaPadula model is the same guy who did the famous Karger & Schell security
> evaluation of Multics - that eval was the "unnamed Air Force paper" that was
> the inspiration for Ken Thompson's Turing Award Lecture "On Trusting Trust").
>
> (And no, neither Biba nor Bell-LaPadula are really workable in most real-world
> environments, but you really need to be familiar with how both are designed
> and *why* they end up not working if you want to understand the theoretical
> underpinnings of computer security...)



-- 
Gadi Evron,
ge () linuxbox org.

Blog: http://gevron.livejournal.com/
_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.

