Firewall Wizards mailing list archives

Re: Trusted Unices Aren't?


From: "Paul D. Robertson" <proberts () clark net>
Date: Thu, 29 Oct 1998 09:02:58 -0500 (EST)

On Fri, 23 Oct 1998, Rick Smith wrote:
(Hi Rick!)

I was mildly surprised that TIS never used it to field some sort of
firewall in the mid '90s. (cue to Marcus for Orange Book flame :-> ).

I've always been surprised that nobody has jumped on the "secure Web 
server" market, especially in the commerce environments.  Anyway, just in 
case anyone's interested in looking at some OS features that start to 
approach the alphabet soup model, an interesting project (Ruleset Based 
Access Control) in that regard is at:

http://agn-www.informatik.uni-hamburg.de/people/1ott/rsbac/

Compartments aren't there yet, but there's a surprising amount of work 
that's been done (and a lot left to be done).  I'm looking at 
implementing selected infrastructure services with it once it stabilizes, 
including DNS in my firewall environment.  

It's a Linux implementation for those who are allergic to such.  It comes 
with full source code and reasonable documentation.

I happen to think that having serious per-service protection for both 
firewall components and general OS' are a good thing.  YPMV.

Summary of what's covered in RSBAC (lifted from above Web page):

=====================================================================

MAC  Bell-LaPadula Mandatory Access Control (compartments not yet 
     implemented) 

CWI  Clark-Wilson-Integrity (only basics implemented) 

FC   Functional Control. A simple role based model, restricting access to 
     security information to security officers and access to system 
     information to administrators.

SIM  Security Information Modification. Only security administrators are 
     allowed to modify data labeled as security information.

PM   Privacy Model. Simone Fischer-Hübner's Privacy Model in its first 
     implementation. See our paper on PM implementation for the NISS 98 
     Conference 

MS   Malware Scan. Scan all files for malware on execution (optionally on 
     all file read accesses or on all TCP/UDP read accesses), deny access 
     if infected. Currently the Linux viruses Bliss.A and Bliss.B
     and a handful of others are detected.

=====================================================================

There's supposed to be a new list for the project, but I've had trouble 
resolving the hostname I was given.  Interested parties should follow the 
mailto: link(s) on the above page.  

Paul   
-----------------------------------------------------------------------------
Paul D. Robertson      "My statements in this message are personal opinions
proberts () clark net      which may have no basis whatsoever in fact."
                                                                     PSB#9280


