Re: Dangerous promises...

[Valdis.Kletnieks () vt edu]

On Fri, 13 Nov 2009 06:01:08 +0200, Gadi Evron said:

> Virtualization by compartmentalization? I haven't heard of Biba.

You haven't?  You're deserving of getting smacked about with a large trout. ;)

http://en.wikipedia.org/wiki/Biba_model
http://en.wikipedia.org/wiki/Bell-LaPadula_Model

(And in today's "connect the dots", the Roger Schell who helped with the
Bell-LaPadula model is the same guy who did the famous Karger & Schell security
evaluation of Multics - that eval was the "unnamed Air Force paper" that was
the inspiration for Ken Thompson's Turing Award Lecture "On Trusting Trust").

(And no, neither Biba nor Bell-LaPadula are really workable in most real-world
environments, but you really need to be familiar with how both are designed
and *why* they end up not working if you want to understand the theoretical
underpinnings of computer security...)

Attachment: _bin
Description:

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.