[Security_sig] Re: DCL Capabilities section - highest level outline
Mary Edie Meredith
maryedie at osdl.org
Thu Sep 1 11:58:29 PDT 2005
A couple of responses below:
On Thu, 2005-09-01 at 11:41 -0700, Chris Wright wrote:
> * Mary Edie Meredith (maryedie at osdl.org) wrote:
> > 1 Introduction
> > 2 Security Objectives
> > 2.1 Server Usage Profiles
> > 2.2 Organizational Security
> > 2.3 Environmental Assumptions
> > 2.4 Security Objectives
> > 2.5 Environmental Assumptions
> 2.3 and 2.5 are the same
Ignore 2.5. It was a mistake in the original doc.
Sorry I didn't notice it.
> > 3 Security Capabilities
> > 3.1 Identification and Authentication
> > 3.2 Access Controls (Discretionary)
> > 3.3 Audit, Accounting and Accountability
> > 3.4 Mandatory Access Controls
> Is it necessary to split DAC and MAC? Could it be:
> 3.2 Access Controls
> 3.2.1 DAC (traditional UNIX, ACL's, etc...)
> 3.2.2 MAC (typically lsm enforced)
> > 3.5 Integrity Protections & Least Privilege
> For integrity do we bring up MLS (I ask because this may point back
> at MAC)? For least privilege do we discuss administrative roles as
> mentioned from NFS folks (I ask because this may point back at MAC)?
> > 3.6 Availability and Continuity of Operations
> Is that meant to discuss DoS mitigation?
> > 3.7 Cryptography
> > 3.8 Trusted Services
> To scope the "trusted base"?
> > 3.9 Documentation
> > 3.10 Installation & Delivery
> These last two are not likely to generate technical capability gaps,
> rather distro issues. They're important, but lower priority IMO.
I'm in favor of noting issues that are not in the strictest
sense capabilities. Usability, for example, is called out
in the capabilities document. If there are gaps in documentation,
install/delivery/usability gaps, please note them as part of
the analysis. I will find the proper place to address them.
Stability is another example - case in point: 4K LUNs were
in theory supported by 2.6 but never successfully tested
until recently by the Storage SIG.
> > 4 Security Roadmap