info please part 2

Fergus Cameron fergus at cobbled.net
Thu Dec 19 23:41:05 GMT 2002


On 18.12-09:58, Chris Wright wrote:
[...]
> Another important consideration is ease of administration.  With an
> improved security infrastructure, there is likely more administrative
> overhead.  And more importantly, with the extra knobs to twist one must
> make sure that the system _is_ actually more secure.

i worked as an engineer at argus systems for the
last year and a half and i can honestly say that
the issue of performance was never of serious
concern.  pretty much as chris stated -- the pain
of integrating this type of technology into a
normal business (i.e. duct tape operations) is so
great that if they end up with applications running
without a complete set of root privilege it is
considered a success.

in my personal opinion the real question is of
value -- is it actually more secure.  most of the
inherent value in operational systems (make that
perceived value) is in the data of the system
(i.e. credit card information being lost).   with
things like web delivery + java (heavier threading,
object modelling + http for all) it is very difficult
to separate the security of the application from
that of the system.  in that model trusted
operating systems are of less value.  as a result
new projects (web stuff) do not benefit in the way
the more traditional service structures do.

there are ways to tackle that and i think
trustedbsd is set up pretty well for the challenge
but i still believe (as much as i hate the
futility of it) that ids is the main game at the
moment.

-- 
: fergus cameron                :   [ .]        cobbled    :  
: ^^^^^^@cobbled.net            : [ ~][ ]             .net :  

More information about the trustedbsd-discuss mailing list