Re: After Y2K, critical infrastructure

[Alex Pilosov <alex () pilosoft com>]

On 23 Dec 1999, Sean Donelan wrote:

> At 08:49 PM 12/23/99 -0500, Deepak Jain wrote:
> > Sorry to ruin your sleep. NT is ONLY C2 certified as a standalone
> > workstation. I.e. NO NETWORKING DRIVERS ENABLED
>
> Good grief Charlie Brown, it was a joke.
>
> C2 certification means about as much as Y2K certification.  There are
> so many qualifications they are meaningless in any real world situation.
> It's another checkmark you have to make on the paperwork before winning
> the bid.
Indeedity.

> The issue of being C2 certified only as a standalone workstation is hardly
> unique to Microsoft NT.  As far as I know, ALL the C2 certified operating
> systems Unix, VMS, VM, etc are only in standalone mode.  Others, such
> as Linux, aren't certified even in standalone mode (well, maybe in the
> unplugged, encased in concrete, and dropped to the bottom of the ocean mode).

The US standard for evaluating trusted systems, TCSEC, (Orange Book)  
indeed does not specify anything about network. UK standard, ITSEC, Red
Book, does. I think they are trying to merge these two into a new
"consolidated evaluation criteria" or somesuch.

In addition, systems can be evaluated under TNI (Trusted Network
Interpretation) of TCSEC, but I think nobody bothered to do it, because
ITSEC is better at specifying security...(Or maybe its easier for
vendor to get ITSEC certification than TNI?)

-- 
Alex Pilosov            | http://www.acecape.com/dsl
Acecape, Inc.           | AceDSL:The best ADSL in Bell Atlantic area
325 W 38 St. Suite 1005 | (Stealth Marketing Works! :)
New York, NY 10018      |