[Security_sig] Re: DCL Capabilities section - highest level outline review

Chris Wright chrisw at osdl.org
Thu Sep 1 11:41:45 PDT 2005


* Mary Edie Meredith (maryedie at osdl.org) wrote:
>  1 Introduction
>  2 Security Objectives	
>  	2.1 Server Usage Profiles	
>  	2.2 Organizational Security 
>  	2.3 Environmental Assumptions	


>  	2.4 Security Objectives	
>  	2.5 Environmental Assumptions	

2.3 and 2.5 are the same

>  3 Security Capabilities
>  	3.1 Identification and Authentication	
>  	3.2 Access Controls (Discretionary)	
>  	3.3 Audit, Accounting and Accountability
>  	3.4 Mandatory Access Controls

Is it necessary to split DAC and MAC?  Could it be:

3.2 Access Controls
	3.2.1 DAC (traditional UNIX, ACL's, etc...)
	3.2.2 MAC (typically lsm enforced)

>  	3.5 Integrity Protections & Least Privilege	 

For integrity do we bring up MLS (I ask because this may point back
at MAC)?  For least privilege do we discuss administrative roles as
mentioned from NFS folks (I ask because this may point back at MAC)?

> 	3.6 Availability and Continuity of Operations

Is that meant to discuss DoS mitigation?

>  	3.7 Cryptography
>  	3.8 Trusted Services

To scope the "trusted base"?

> 	3.9 Documentation
>  	3.10 Installation & Delivery

These last two are not likely to generate technical capability gaps,
rather distro issues.  They're important, but lower priority IMO.

>  4 Security Roadmap
