---------- Forwarded Message ----------
Subject: [oclug] Linux Security
Date: Wed, 10 Jul 2002 23:20:29 -0400
From: Randal Leavitt
To: OCLUG
The next Linux kernel will include an API that allows Linux Security Modules
to be used. These modules provide a definition of the security policies,
and the means used to enforce these policies. There may be many different
sets of security modules to address different sets of security requirements.
The security level of a publicly available operating system is best discussed
using the Common Criteria standard:
http://www.commoncriteria.org/introductory_overviews/index.html
To apply these standards, an interested party prepares a Protection Profile
which is a statement of the security requirements for a specific application.
These protection profiles are defined in accordance with the Common Criteria
standard, and can be registered so they can be reused.
A draft Protection Profile
"CSPP-OS - COTS Security Protection Profile - Operating Systems"
is available for review and comment.
"The purpose of CSPP-OS is to define, and specify the requirements necessary
to solve the security problem that COTS operating systems (perhaps with
add-on packages) can be expected to address in the near-term."
http://csrc.nist.gov/cc/pp/cspp-os04.pdf
So it seems that our challenge is to review this draft protection profile,
improve it if necessary, and then provide the security modules needed to
allow Linux to meet this criteria.
Do I have this right?
--
================================================
Randal Leavitt
Registered User 267646 at http://counter.li.org/
_______________________________________________
oclug mailing list
oclug@lists.oclug.on.ca
http://www.oclug.on.ca/mailman/listinfo/oclug
-------------------------------------------------------
--
bruce