From: Mark Biggar
Newsgroups: comp.lang.ada
Subject: Re: Advantage of XML based GUI? (was Re: Ada-inspired OS/Language)
Date: Sun, 15 Sep 2002 05:50:26 GMT
Organization: AT&T Broadband
Message-ID: <3D841FA5.1020305@attbi.com>
References: <4519e058.0209101828.cb5ff85@posting.google.com> <3d7f9d3f.920665532@news.cis.dfn.de> <3d80b566.992395741@news.cis.dfn.de> <3d813a2b.1026389832@news.cis.dfn.de>

Nick Roberts wrote:
> On Thu, 12 Sep 2002 16:45:14 +0000 (UTC), Preben Randhol
> strongly typed:
>
>>On Thu, 12 Sep 2002 16:12:12 GMT, Nick Roberts wrote:
>>
>>>All security features are optional. It's just that they are optional for
>>>the privileged user, not for the ordinary user!
>>
>>I don't think I understand what is inherently more secure that it says
>>Top Secret on the top of some piece of paper. To me it sounds like
>>something only usable in the military?
>
> It is a requirement specified in the TCSEC; that is my primary concern.
>
> I presume the rationale is that it may make it more difficult for someone
> to pass off a printed document as having a status it does not. Often, in
> the real world, security is about making things difficult (rather than
> completely impossible).
>
> This kind of security 'labelling' is a typical military requirement, but
> (the TCSEC makes it clear) it would be likely to also be a requirement of a
> great many organisations, were they to undertake a true security
> requirements assessment. A great many organisations need to keep certain
> information confidential, and ensure certain information is correct, as a
> legal requirement; most corporations have industrial secrets to protect and
> all need to prevent fraud. Of course, the unfortunate fact is that most
> organisations today are hopelessly deficient in their overall security
> provisions.
>
>>>If you were running AdaOS on your own personal computer, you would be the
>>>system administrator, and so you would have the highest privileges (you are
>>>allowed to do anything ;-). Probably you would have security label printing
>>>permanently turned off. In fact, probably you would have no mandatory
>>>security features operative at all.
>>
>>I hope you are thinking of doing it the UNIX way. I mean that the user
>>does not have root/administrator privileges and that there is only one
>>root superuser which is not used unless when one needs to install
>>software.
>
> AdaOS will be a fully object oriented OS, and its design is not closely
> related to any of the Unixen. I am considering the various security schemes
> offered by CORBA at the moment. I may well choose to enhance these with
> many further facilities.
>
>>This document should be of interest: http://www.nsa.gov/selinux/
>
> Interesting, but there's nothing new to me here. AdaOS will be designed to
> conform to the requirements of the TCSEC level B2 or B1.
> This exceeds what
> is offered by SE Linux (or any of the BSDs).
>
> The security mechanisms of AdaOS will be built into each object (class),
> and will be tailored to the specific needs of that object (class); this is
> a considerably more sophisticated approach than any isomorphic OS can
> offer.
>

To see a fairly complete implementation of this type of security system
see the latest versions of Sun Solaris. You will find how it all works
under the heading "Role Based Access Control". If you want the data
labeling controls as well see Mandatory Access Control under Sun's
Trusted Solaris Product.

--
Mark Biggar
mark.a.biggar@attbi.com