TrustedBSD Auditing Facilities (was RE: FreeBSD usage in safety-critical environments)

Nelson, Trent . tnelson at switch.com
Fri Oct 11 07:04:44 GMT 2002


Hi,

> -----Original Message-----
> From: Robert Watson [mailto:rwatson at freebsd.org]
> Sent: Thursday, October 10, 2002 11:06 PM
> To: Nelson, Trent .
> Cc: 'chromexa at ovis.net'; 'hackers at freebsd.org'
> Subject: RE: FreeBSD usage in safety-critical environments
> 
> 
> On Wed, 9 Oct 2002, Nelson, Trent . wrote:
> 
> > 	If you're referring to security criteria (Trusted Computer
> > Security Evaluation Criteria or ITSEC for Euro/UK), then no, FreeBSD
> > doesn't currently provide any features C2/F-C2+ configuration (Access
> > Control Lists, auditing, accountability, etc).  This is being tackled by
> > TrustedBSD though, which I'm sure Robert Watson can provide some more
> > information on.

> We don't currently have an audit
> implementation, but I'm working to resolve that issue as soon as possible.
> The only big thing missing from the picture is actually someone who wants
> to bring FreeBSD to market with an evaluation--someone who's willing to go
> the distance on the evaluation process (paperwork, testing, etc).  My
> goals for FreeBSD 6.0 include feature completeness on CAPP (C2) and LSPP
> (B1).

	Has anyone taken a look at how Tru64 UNIX tackles auditing, or even
enhanced security in general?  I've had to devise a strategy over the last
few weeks for work to address the need for cross-Atlantic network
connectivity between a test-bed environment and what will eventually become
a 'live' safety-critical environment.  The security configuration for such a
system (system being the components interacting with the link, not the
actual safety-critical system per se) must be very tight, and we've
basically prevented connectivity to anything other than the Tru64 UNIX
servers as nothing else we have can be configured to an acceptable level
(well, at least Linux anyway).

	The Security Integration Architecture and auditing subsystem of
Tru64 UNIX are quite elegant, IMO, and I believe they'd provide a good basis
for the road TrustedBSD would eventually have to travel down.

	The security documentation (which details all of this, and a lot
more) for Tru64 UNIX can be found at:

http://www.tru64unix.compaq.com/docs/base_doc/DOCUMENTATION/V51A_PDF/ARH95DTE.PDF

	General documentation can be found at:

	http://www.tru64unix.compaq.com/docs/pub_page/V51A_DOCS/ADM_DOCS.HTM


> Robert N M Watson             FreeBSD Core Team, TrustedBSD Projects
> robert at fledge.watson.org      Network Associates Laboratories

	Regards,

		Trent.
