Firewall Wizards mailing list archives
Re: Re: Trusted OS...
From: Rick Smith <rick_smith () securecomputing com>
Date: Mon, 03 Apr 2000 17:52:29 -0500
<whine> Gee whiz, guys, how can you have a Trusted OS discussion while I'm on vacation? I'm missing all the fun! </whine> Anyway, let me broach the question of "Is Sidewinder based on a Trusted OS?" Of course we have to start by saying what we mean by a Trusted OS. Some folks say that anything that completes a formal security evaluation is a Trusted OS. But that includes C level OSes that can't defend against well known threats like trojan horses. I don't especially like that definition since it labels recognizably weak OSes as "trusted." I generally agree with Paul McNabb that a true Trusted OS is one that implements a mandatory access control mechanism. That's what Sidewinder does with Type Enforcement. The point is that you can't bypass the type enforcement mechanism even if you gain root. It's always enforced, regardless of user ID. For what it's worth, a lot of engineering went into the integration of type enforcement into BSD. Basically, we dug into the guts of the system and installed mandatory access control checks, generally in conjunction with existing DAC checks. Then we added checks on other things we needed to control, like network interfaces and individual ports. It took 2 or 3 releases to get all that done. The results have satisfied some very paranoid customers over the years. I recognize that it's very hard to tell from the outside whether the engineering work is marketing hype or not. In the past, SCC has never perceived a marketing or sales benefit in submitting Sidewinder to a formal security evaluation. This could change now that the Common Criteria is in place, especially since the Govt is trumpeting new rules about purchasing evaluated firewalls. Since so many commercial firewalls have devolved into (or returned to their roots as) filtering routers, it might be hard to see a benefit in using a trusted OS. These things let so much through that the principal threats aren't against the firewall itself. However, some customers do maintain a level of paranoia and implement the appropriate security policies to make it worthwhile for them. Rick. smith () securecomputing com
Current thread:
- Re: Re: Trusted OS... Paul D. Robertson (Apr 04)
- <Possible follow-ups>
- Re: Re: Trusted OS... Civ David R. Sears (Apr 04)
- Re: Re: Trusted OS... Pere Camps (Apr 10)
- RE: Re: Trusted OS... Michael . Owen (Apr 10)
- Re: Re: Trusted OS... Iván Arce (Apr 10)
- RE: Re: Trusted OS... Starkey, Kyle (Apr 10)
- Re: Re: Trusted OS... Bennett Todd (Apr 10)
- Re: Re: Trusted OS... Rick Smith (Apr 10)
- RE: Re: Trusted OS... Rick Smith (Apr 13)
- RE: Re: Trusted OS... Matthew . Hannigan (Apr 17)