Re: [fw-wiz] Defense in Depth to the Desktop

From: Magosányi Árpád (mag_at_bunuel.tii.matav.hu)
Date: 12/08/04

  • Next message: Adam Shostack: "Re: [fw-wiz] Re: Spyware mumbo jumbo and bigger woes" 
    To: Chris Pugrud <cpugrud@yahoo.com>
Date: Wed, 8 Dec 2004 18:46:41 +0000

    A levelezőm azt hiszi, hogy Chris Pugrud a következőeket írta:
    > > It is interesting to note that what you propose can be viewed as an
    > > example of the Bell-LaPadula modell with two security levels.
    > >
    > This was recently pointed out to me, and I will be framing my academic writeup
    > more along those lines. It would be more helpful if I can frame it in terms of
    > Sandhu's SPM because of the decidable safety properties of SPM. It also
    > doesn't hurt that Sandhu is my advisor. Thinking about the model in those
    > terms adds to the vocabulary as well as making the analisys more interesting,
    > but it will take me a few more months to really wrap my head around.

    SPM is a new thing to me. I could not find the original paper in
    citeseer, but found one with definition of SPM (about undecidability of
    safety in SPM with cyclic creates). It seems to be a much more baroque
    model than even my version of Bell-LaPadula. I cannot even understand it
    for first read. Can you show me a security policy modell of an actual IT
    system using SPM?

    Also we seem to forget that VLANs are not considered to be dependable
    enough to be used as a domain separation mechanism. Or did I sleep while
    something revolutionary had happened? 

    -- 
GNU GPL: csak tiszta forrásból
_______________________________________________
firewall-wizards mailing list
firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
  • Next message: Adam Shostack: "Re: [fw-wiz] Re: Spyware mumbo jumbo and bigger woes"