Firewall Wizards mailing list archives
Re: Re: Trusted OS...
From: "Paul D. Robertson" <proberts () clark net>
Date: Thu, 30 Mar 2000 00:43:31 -0500 (EST)
On Wed, 29 Mar 2000, Ryan Russell wrote:
Are you sure about that? Secure computing makes a trusted operating system (called LOCK, if I recall correctly) but Sidewinder was based on BSDI with some orange book fairy dust blown on it - I don't think it was a _real_ trusted operating system, just good old BSDI (which is probably better) with some hacks in it to include the domain/type enforcement stuff.
Isn't that the central problem? Do C level and below Orange Book requirements actually help anything? If I can take an OS, and add some typing features, and have the money for the testing, is C2 useful at all?
Sure, it's useful in the same way that putting NT on laptops that had 98 on them is useful- you must be able to log in to the system to use it. Beyond that, C isn't that much above D, but historically we've needed to specify the named user requirement.
I think what you're speaking to is the fact that the denotative definition of "trusted OS" in the US is just meeting the rainbow requirements. While most of us as security people would like to think that "trusted OS" means that it has some actual security and has been carefully audited.
I've always considered B2 to be the bar, and B1 to be acceptable for limited environments.
Certainly that doesn't mean an OS that has been successfully evaluated can't also be secure... I think it just means that a rating alone doesn't give assurance that the OS is secure (or even any more secure than another.) I don't think that will be a big surprise to anyone here.
Yawning through some Final Evaluation Reports doesn't help either. I've always felt it necessary to go to someone who was involved in the eval to get questions answered. Even then it's no fun trying to get someone to tell you where they've documented around issues and what failure modes they're worried about.
I prefer Red Book fairy dust though, it makes the Ethernet cables sparkle.
MAC/role by source address, authentication method and transport key and/or encryption algorithm is where I'd like to see Linux-based solutions go. If only I had more time...
Paul
-----------------------------------------------------------------------------
Paul D. Robertson
proberts () clark net
"My statements in this message are personal opinions which may have no basis whatsoever in fact."
PSB#9280