Firewall Wizards mailing list archives
protection models
From: Chris Pugrud <cpugrud () yahoo com>
Date: Wed, 8 Dec 2004 14:12:21 -0800 (PST)
--- Magosányi Árpád <mag () bunuel tii matav hu> wrote:
SPM is a new thing to me. I could not find the original paper in citeseer, but found one with a definition of SPM (about undecidability of safety in SPM with cyclic creates). It seems to be a much more baroque model than even my version of Bell-LaPadula. I cannot even understand it on first read. Can you show me a security policy model of an actual IT system using SPM?
SPM was born out of HRU and has the distinction of having decidable safety properties. ESPM, TAM, MTAM, SOTAM, and (I believe) RBAC are the evolutionary children of SPM. I only became familiar with them because I decided to go back and get an M.S. in information security and assurance, and take a class from Dr. Sandhu. I will concur that SPM is painful and obtuse. The academic papers for all of the above can be found at http://list.gmu.edu (with SPM being #32 under "journal papers").
Also we seem to forget that VLANs are not considered to be dependable enough to be used as a domain separation mechanism. Or did I sleep while something revolutionary had happened?
Ahh, but I have a very shiny hammer, and VLANs look like very pretty nails. Honestly, VLANs are not being used for domain separation. "Private VLANs", a Cisco term for layer 2 isolation, are being used to prevent client machines, in the same security domain, from talking to each other. Technically that may lump them into separate security domains, but I view them as being in the same domain with one consistent rule: no talking to each other for any reason. In this case, "private VLAN technology" is being used for security separation, and, being newer and flashier than the already suspect VLAN, is deeply distrusted. "Private VLAN technology" was, however, distinctly designed, and implemented by Cisco, as a security mechanism. Regardless, I cannot find fault with the security community co-opting whatever useful tools we can find and using them for our own means, as long as we understand the limitations. C is probably the most insecure language out there, but that did not stop Marcus from utilizing C to write the first proxy servers. [And I'm going to be struck down by, and owe a few beers to, Marcus, if they weren't written in C.]

chris

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
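To make concrete the "one consistent rule, no talking to each other" setup the post describes, here is an added Cisco IOS private VLAN configuration (example added for this archive, not part of the original message). VLAN numbers, names and interface ranges are assumed; the isolated client ports can reach only the promiscuous uplink port, never each other.

```cisco
! Added example, not from the post. VLAN ids, names and ports are assumed.
! Private VLANs require VTP transparent (or VTP v3) to hold the configuration.
vtp mode transparent
!
! Secondary (isolated) VLAN: hosts placed here cannot exchange frames
! with any other host port, only with promiscuous ports.
vlan 101
 name CLIENTS-ISOLATED
 private-vlan isolated
!
! Primary VLAN that carries the subnet; bind the isolated VLAN to it.
vlan 100
 name CLIENTS-PRIMARY
 private-vlan primary
 private-vlan association 101
!
! Client access ports: each desktop is a "host" in isolated VLAN 101.
interface range GigabitEthernet1/0/1 - 24
 switchport mode private-vlan host
 switchport private-vlan host-association 100 101
 spanning-tree portfast
!
! Uplink to the default gateway / firewall: promiscuous, sees all hosts.
interface GigabitEthernet1/0/48
 switchport mode private-vlan promiscuous
 switchport private-vlan mapping 100 101
!
! Verification: confirm the association and each port's role.
! show vlan private-vlan
! show interfaces GigabitEthernet1/0/1 switchport
```

The isolation is strictly layer 2: the router or firewall on the promiscuous port can still forward one client's traffic back to another (for instance if local proxy ARP is enabled on the gateway interface), so the gateway's ACLs must enforce the same client-to-client deny for the rule to hold end to end.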
Current thread:
- Defense in Depth to the Desktop Chris Pugrud (Dec 05)
- Re: Defense in Depth to the Desktop Magosányi Árpád (Dec 07)
- Re: Defense in Depth to the Desktop Chris Pugrud (Dec 07)
- Re: Defense in Depth to the Desktop Magosányi Árpád (Dec 11)
- protection models Chris Pugrud (Dec 11)
- Re: Defense in Depth to the Desktop Chris Pugrud (Dec 07)
- Re: Defense in Depth to the Desktop Magosányi Árpád (Dec 07)
- Re: Defense in Depth to the Desktop Rogan Dawes (Dec 07)
- Re: Defense in Depth to the Desktop Chris Pugrud (Dec 07)
- RE: Defense in Depth to the Desktop Ben Nagy (Dec 07)
- RE: Defense in Depth to the Desktop Chris Pugrud (Dec 07)
- RE: Defense in Depth to the Desktop Scott Stursa (Dec 11)
- RE: Defense in Depth to the Desktop Chris Pugrud (Dec 11)
- RE: Defense in Depth to the Desktop Chris Pugrud (Dec 07)
- Re: Defense in Depth to the Desktop Chris Pugrud (Dec 13)
- Re: Defense in Depth to the Desktop Paul D. Robertson (Dec 13)