RFC: Requirements for MAC policies and implementation

Andrew R. Reiter arr at watson.org
Wed Sep 20 05:34:51 GMT 2000 

Random comments.

On Wed, 20 Sep 2000, Robert Watson wrote:

{SNIP} [sorry!]

> 
> - Multi-Level Security Model (MLS)
> 	- MLS is fairly cut-and-dry -- I'd assume support for
> 	  static labels, some fixed finite bound on the number of
> 	  sensitivity levels, and support for non-hierarchal categories. 
> 	  All trusted operating systems support this model, albeit
> 	  some in a more general manner than others.
>

Awhile back I think Jon T Bowie and I discussed MLS for process execution
and felt that it would be a _great_ thing to have implemented.. and as
time would have it... we never did.  I brougth this up to in a
conversation on IRC with Robert; we both felt it was a good thing, yet
felt, IIRC, there was more to it than just process execution.  I
completely agree and while I think the idea of a MIB-like structure for
processes to be executed, I think there is much more to it (again).
 

{SNIP!}

> 
> There are a number of resources that participants might find useful for
> framing the discussion, including technial reports and documentation from
> Argus Systems (http://www.argussystems.com/pitbull/,
> http://www.argusrevolution.com/), and SGI
> (http://oss.sgi.com/projects/ob1/doc/).  Keeping standard CC protection
> profiles in mind is also good, so
> http://www.radium.ncsc.mil/tpep/library/protection_profiles/index.html is
> also a useful reference. 
>

Thank you very much.
 
> For reference with regards to long term development plans, this MAC
> implementation would be prior to the implementation of a generalized
> labeling and access control scheme such as Poligraph, but would be a
> useful step towards the implementation of such a system, providing a
> stronger understanding of requirements for the implementation of these
> common MAC schemes. 
> 
>   Robert N M Watson 
> 

Thanks Robert for starting this off... _GREAT_ initial email.  What I
would love to see, since I am unable to run some of the MAC implemented
OSes.. is some statistics on speed and reliability, etc..  While I think
there are definitely other key issues invovled here, I think I'd like to
make speed one of them.  

Also, I would imagine doing the Biba or MLS schemas would be easier on a
higher level to manage than a jail()-like implementation over a system
wide standpoint.  Am I wrong to think this?

Andrew

*-------------.................................................
| Andrew R. Reiter 
| arr at fledge.watson.org
| "It requires a very unusual mind
|   to undertake the analysis of the obvious" -- A.N. Whitehead

To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-discuss" in the body of the message

More information about the trustedbsd-discuss mailing list