Re: Re: Trusted OS...

["Patrick Bryan" <patrickbryan () swedishamerican org>]

Speaking of Sidewinder, how does it hold up when compared to other
firewalls, suchs as Gauntlet and FW1?


----- Original Message -----
From: "Paul McNabb" <mcnabb () argus-systems com>
To: <mjr () nfr net>
Cc: <firewall-wizards () nfr net>
Sent: Tuesday, March 28, 2000 12:57 PM
Subject: Re: [fw-wiz] Re: Trusted OS...


> >  From mjr () nfr net  Thu Mar 23 13:10:30 2000
> >
> >  >Secure Computing - Sidewinder (BSD)
> >
> >  Are you sure about that? Secure computing makes a trusted operating
> >  system (called LOCK, if I recall correctly) but Sidewinder was based
> >  on BSDI with some orange book fairy dust blown on it - I don't think
> >  it was a _real_ trusted operating system, just good old BSDI (which is
> >  probably better) with some hacks in it to include the domain/type
> >  enforcement stuff.
>
> Yes, I classify Sidewinder on BSDI as a trusted OS (in addition to the
> LOCK stuff), because it implements a mandatory access control policy
> which is universally applied and it provides the ability to control
> privilege operations, both of which are defining characteristics of a
> trusted OS (along with the design/implementation process that is intended
> to meet evaluation criteria).  The fact that domain type enforcement is
> not a Bell-LaPadula model doesn't eliminate it from the running.
>
> What is "orange book fairy dust"?
>
> paul
>
> ---------------------------------------------------------
> Paul A. McNabb, CISSP           Argus Systems Group, Inc.
> Senior Vice President and CTO   1809 Woodfield Drive
> mcnabb () argus-systems com        Savoy, IL 61874 USA
> TEL 217-355-6308
> FAX 217-355-1433                "Securing the Future"
> ---------------------------------------------------------