home *** CD-ROM | disk | FTP | other *** search
- Newsgroups: comp.os.os2.programmer
- Path: sparky!uunet!gatech!cc.gatech.edu!terminus!terryk
- From: terryk@terminus.gatech.edu (Terry Kane)
- Subject: Re: C2 Security
- Message-ID: <terryk.711987309@cc.gatech.edu>
- Sender: news@cc.gatech.edu
- Organization: Georgia Tech College of Computing
- References: <976@engcon.marshall.ltv.com>
- Date: Fri, 24 Jul 1992 14:15:09 GMT
- Lines: 23
-
- rodgers@engcon.marshall.ltv.com (KMRODGERS) writes:
-
- >All of this talk about NT's level of security misses a very important point:
- >The OS itself has no security rating. ONLY hardware/software combinations
- >are security rated. It makes no sense to talk about an OS having a C2 or
- >whatever rating. A computer _system_ is rated -- not an OS.
-
- Geez. What whingeing!
-
- Orange book ratings used in general computing are overkill.
- Basically, I think that non-defense users are looking at two or three
- categories: unsecure and generally secure. The protection that's
- desired is protection against malicious or ignorant attacks on the
- integrity of the system. ACLs on the file system and device drivers
- provide this, and ACLs are provided at the C2 level.
-
- Hence - I want C2 from my operating system. I'll provide physical
- security, and if anybody wants to steal my data by monitoring
- electromagnetic emissions - Hey, more power to 'em.
- -------------------------------------------------------------------
- Terry Kane (terryk@cc.gatech.edu)
- -------------------------------------------------------------------
- I am a .sig file virus. Copy me into your signature file please.
-