[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ale] worm destabilized Internet (Just thought about this)

Subject: [ale] worm destabilized Internet (Just thought about this)
From: jonathan at xcorps.net (Jonathan Rickman)
Date: Sun, 26 Jan 2003 11:59:35 -0500 (EST)

On Sun, 26 Jan 2003, Adrin wrote:

> I wonder how this would effect people, If that Trusted computer network was in place. The
> one with the keys that are in the BIOS. I think it was TCPA.

Depending on how it's implemented (much like every other mechanism) it
could have theoretically prevented it from spreading, assuming all servers
were using it appropriately. See this whitepaper for a quick overview:
http://www.research.ibm.com/gsal/tcpa/why_tcpa.pdf

As implemented by IBM, it is nothing more than another means of
discretionary access control. The key word here is discretionary. DAC is a
requirement for TCSEC C2 certification, IMHO the only practical
certification that can be obtained. Mandatory access control (MAC) would
be considered too intrusive (complex) by many and would probably not be
very well accepted in consumer systems.

--
Jonathan Rickman
X Corps Security
http://www.xcorps.net

_______________________________________________
Ale mailing list
Ale at ale.org
http://www.ale.org/mailman/listinfo/ale

Prev by Date: [ale] Is reinstalling my distro necessary?
Next by Date: [ale] A licensing question...
Previous by thread: [ale] worm destabilized Internet (Just thought about this)
Next by thread: [ale] Is reinstalling my distro necessary?
Index(es):
- Date
- Thread