Re: Re: Trusted OS...

[Paul McNabb <mcnabb () argus-systems com>]

>  From mjr () nfr net  Thu Mar 23 13:10:30 2000
>  
>  >Secure Computing - Sidewinder (BSD)
>  
>  Are you sure about that? Secure computing makes a trusted operating
>  system (called LOCK, if I recall correctly) but Sidewinder was based
>  on BSDI with some orange book fairy dust blown on it - I don't think
>  it was a _real_ trusted operating system, just good old BSDI (which is
>  probably better) with some hacks in it to include the domain/type
>  enforcement stuff.

Yes, I classify Sidewinder on BSDI as a trusted OS (in addition to the
LOCK stuff), because it implements a mandatory access control policy
which is universally applied and it provides the ability to control
privilege operations, both of which are defining characteristics of a
trusted OS (along with the design/implementation process that is intended
to meet evaluation criteria).  The fact that domain type enforcement is
not a Bell-LaPadula model doesn't eliminate it from the running.

What is "orange book fairy dust"?

paul

---------------------------------------------------------
Paul A. McNabb, CISSP           Argus Systems Group, Inc.
Senior Vice President and CTO   1809 Woodfield Drive
mcnabb () argus-systems com        Savoy, IL 61874 USA
TEL 217-355-6308
FAX 217-355-1433                "Securing the Future"
---------------------------------------------------------