Re: NSA - Spook Linux


From: Stephen Smalley <sds@tislabs.com>
Subject: Re: NSA - Spook Linux
Date: Wed, 10 Jan 2001 08:51:48 -0500 (EST)

Next Article (by Subject): Re: NSA - Spook Linux "Michael H. Warfield"
Previous Article (by Subject): Re: NSA - Spook Linux Peter Busser
Top of Thread: NSA - Spook Linux "Furmanek, Greg"
Next in Thread: Re: NSA - Spook Linux "Michael H. Warfield"
Articles sorted by: [Date] [Author] [Subject]


On Tue, 9 Jan 2001, Don wrote:

> Stephen Smalley <sds@tislabs.com> said:
> 
> > In comparison to traditional lattice-based models like BLP and Biba, Type
> > Enforcement is better suited to providing integrity protection, especially
> 
> I disagree. While forms of type enforcement are not the correct schema for
> an information flow model, there is surprising power in simply keeping
> compartments from interacting. My ramblings on the subject may be found at
> http://research-cistw.saic.com/cace/dte.html.

Perhaps my statement was unclear.  I was not suggesting the Type
Enforcement is limited to providing integrity protection, just
that its properties are especially useful in providing integrity
protection.  I agree that Type Enforcement is also useful in
enforcing confidentiality requirements.

--
Stephen D. Smalley, NAI Labs
sds@tislabs.com


-
To unsubscribe from the rsbac list, send a mail to
majordomo@rsbac.org with
unsubscribe rsbac
as single line in the body.

Next Article (by Subject): Re: NSA - Spook Linux "Michael H. Warfield"
Previous Article (by Subject): Re: NSA - Spook Linux Peter Busser
Top of Thread: NSA - Spook Linux "Furmanek, Greg"
Next in Thread: Re: NSA - Spook Linux "Michael H. Warfield"
Articles sorted by: [Date] [Author] [Subject]


Go to Compuniverse LWGate Home Page.