security levels, V.4
Ran Atkinson
randall at Virginia.EDU
Tue Dec 4 02:26:42 AEST 1990
In article <1990Dec3.122925.1968 at odi.com>,
benson at odi.com (Benson I. Margulies) writes:
>Randall at virginia is misinformed:
No. I was avoiding the use of technical jargon and avoiding
going into detail that I felt was inappropriate for this
audience. That isn't nearly the same has being incorrect or
misinformed. Next time don't be quite so quick to flame without
cause.
I stand by my statement that a B system is harder to break into
(i.e. more trustworthy) -- realise that I (like most folks)
consider a break in to be ANY form of unauthorised access to data
or other compromise of system security in general.
>a B2 system has two things that no C system has (other than
>labels)
>1) trusted path:
>
>2) an implementation that passed must stricter muster with the DODCSC.
>B2 systems have to have full design documentation and meet some modularity
>standards. C systems just sort of have to have the features.
>Curious individuals should acquire copies of the orange book and
>see for themselves.
I was looking at my personal copy when I wrote my comments. I agree
that those interested in the topic should look at the original document.
Followups have been redirected to misc.security.
More information about the Comp.unix.sysv386
mailing list