From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00 autolearn=ham autolearn_force=no version=3.4.4 X-Google-Language: ENGLISH,ASCII-7-bit X-Google-Thread: 103376,55958fd991db66fe X-Google-Attributes: gid103376,public X-Google-ArrivalTime: 2002-09-13 12:55:31 PST Path: archiver1.google.com!news1.google.com!newsfeed.stanford.edu!news-spur1.maxwell.syr.edu!news.maxwell.syr.edu!fu-berlin.de!uni-berlin.de!pc-62-31-50-169-cr.blueyonder.co.UK!not-for-mail From: nickroberts@blueyonder.co.uk (Nick Roberts) Newsgroups: comp.lang.ada Subject: Re: Advantage of XML based GUI? (was Re: Ada-inspired OS/Language) Date: Fri, 13 Sep 2002 19:55:57 GMT Organization: AdaOS Message-ID: <3d822b59.1088140942@news.cis.dfn.de> References: <4519e058.0209101828.cb5ff85@posting.google.com> <3d7f9d3f.920665532@news.cis.dfn.de> <3d80b566.992395741@news.cis.dfn.de> NNTP-Posting-Host: pc-62-31-50-169-cr.blueyonder.co.uk (62.31.50.169) X-Trace: fu-berlin.de 1031946930 1135554 62.31.50.169 (16 [25716]) X-Newsreader: Forte Free Agent 1.21/32.243 Xref: archiver1.google.com comp.lang.ada:28950 Date: 2002-09-13T19:55:57+00:00 List-Id: On Fri, 13 Sep 2002 07:57:02 +0000 (UTC), Preben Randhol strongly typed: >On Thu, 12 Sep 2002 12:03:55 -0500, David C. Hoos wrote: >> It's just to enforce that a secret document cannot be printed without each >> of >> its pages being labelled as "secret," etc. I.e., _every_ document printed on >> a printer accessible from computers with classified material _must_ print >> a security label on each page -- even if it's only to say "UNCLASSIFIED" > >If you are in the military I guess, but not for non military use. > >But if you then have two PS files. One that is Top Secret and one that >is Unrestricted (or what it is called), how will the system know to put >the right labels on them? Will the files have a security level attribute? Are you asking about AdaOS, Preben? If so, the answer is 'yes'. Every single data object in the system will have two 'mandatory' security labels: a 'confidentiality label' and an 'integrity label'. The system will enforce the following basic semantics: no information is allowed to flow from a data object to another data object with a lower confidentiality label; no information is allowed to flow from a data object to another data object with a higher integrity label. In AdaOS, everything will be an object. A file will be an object. Furthermore, it'll be a data object, so it will have mandatory labels. So, if a file "Next Generation Stealth Technology 2002.ps" has confidentiality label "Top Secret", and I am (represented by) an object with the lower confidentiality label "Mere Pion", I will be prevented from accessing the data in the report. Nor will it be permitted to print the file on the printer in the office lobby (with confidentiality label "Anyone Can See This"); it must be printed on a printer with a confidentiality label equal to or higher than "Top Secret", and even then it will have "TOP SECRET" printed on the top and bottom of every page. This all assumes an organisation that has set up its computer security properly. And I say 'organisation', because I could be talking about a DoD department, or I could just as easily be talking about Lockheed Martin (Skunkworks) or some other corporation. Consider the banks and other financial institutions; isn't it vital that their data is protected? Then consider medical records. Passport, national insurance, and immigration records. Police and court records. The list goes on and on. Their data security is vital. -- Nick Roberts