[Security_sig] 10/14 Conf. call minutes
andy at murren.org
Tue Oct 19 06:43:09 PDT 2004
As I watch the discussion and think about what I believe the goal is in
this effort, I am seeing some of the same things covered in CGL. In the
end I am still not sure what is the correct answer.
1. Levels of security: Some systems will require MAC, for others RBAC
will be enough, sometimes on two systems sitting next to each other.
2. Levels of trust: Who do we trust, why and how much. This points
right back to splitting up the access afforded to root. Should root have
its access split up, why and how.
3. Levels of access: What roles are being performed by various actors.
How to constrain various subject/object interactions.
4. Levels of audit: How much is reasonable and under what circumstances
should access be granted.
Additionally I see some others, such as:
1. Access to data: How to protect data in memory and on disk from being
accessed by unauthorized users.
2. Data Integrity: The whole issue of how to guard backup data and
media. How to stop someone from inserting bogus data on a backup, then
restoring that corrupted data, etc. etc.
3. Physical Security: How to deal with the large number of people who
will have physical access to the boxes. This is true in both a corporate
data center, and in a shared hosting environment. The whole shared hosting
of web apps on one box at some place like Rack Space gives me the chills.
I will be off Active Duty with the Army in December and back to more
active participation in January.
andy (at) murren (dot) org