Firewall Wizards mailing list archives

RE: New FW architecture? (was RE: Time for a new FWTK?)

From: "Stout, William" <StoutW () pios com>
Date: Tue, 09 Dec 1997 14:07:17 -0500

----- Original Message -----
From: Safier, Adam (GEIS) [SMTP:Adam.Safier () geis ge com]
Reply To:     Safier, Adam (GEIS) [SMTP:Adam.Safier () geis ge com]
Sent: Monday, December 08, 1997, 11:16:34
To:   Stout, William
Subject:      RE: New FW architecture? (was RE: Time for a new FWTK?)

The distributed control concepts need to be expanded further to include
hierarchical levels of control.  A central IC might set the high level


You're right.  

I've seen e-commerce systems designed for two levels of access, then
patched for additional levels of access.  It would've been better if
they used a multi-level security system from the start, and initially
used two levels of that.  I haven't yet dwelled on 'role'/'function'
security (set-set-set-superset) vs. the hierarchical model
(set-subset-superset) security issue either.

Bill Stout
________________________________________________________________________
________
1998 will be the year of 'E-commerce' - Self

Current thread:

RE: New FW architecture? (was RE: Time for a new FWTK?) Stout, William (Dec 01)
- <Possible follow-ups>
- RE: New FW architecture? (was RE: Time for a new FWTK?) Ted Doty (Dec 03)
- RE: New FW architecture? (was RE: Time for a new FWTK?) Stout, William (Dec 03)
- RE: New FW architecture? (was RE: Time for a new FWTK?) Safier, Adam (GEIS) (Dec 08)
- RE: New FW architecture? (was RE: Time for a new FWTK?) Stout, William (Dec 09)
- RE: New FW architecture? (was RE: Time for a new FWTK?) Safier, Adam (GEIS) (Dec 11)