Great Circle Associates Firewalls
(August 1994)

Subject: OS for firewalls
From: padgett @ tccslr . dnet . mmc . com (A. Padgett Peterson, P.E. Information Security)
Date: Sun, 7 Aug 94 09:08:35 -0400
To: "firewalls @ greatcircle . com"@UVS1.dnet.mmc.com

>The interesting debate on Firewall Operating Systems seems to have ignored 
>some factors.

Not really, just limited bandwidth posted.

>From a security point of view UNIX, DOS and TCP/IP are subjects which suffer 
>from the widespread public knowledge of the technology. The most secure 
>protocols and OS would be those which were known to only one person. That 
>constitutes a secret.

But "security by obscurity" cannot be counted on - it only works when people
do not try very hard to break it. Besides, we have no real choice about TCP/IP.

>UNIX and DOS have been developed to allow maximum portability of 
>applications and have become general multi-purpose systems. Any product 
>which is designed specifically and exclusively to perform a single role is 
>likely to be very much better at that role than any multi-role product.

>Therefore, UNIX and DOS could claim a high availability factor. The highest 
>assurance is difficult/impossible to attain. Integrity can be questioned.

Really have trouble with this generalization. The nice thing about DOS is
that it is too stupid to really be a threat. Unix on the other hand is
smart enough to be fooled.

If you look at a PC, what you normally see is something like this:

			Application
			MS-DOS
			BIOS
			Hardware

However nothing stops you from having something like this:

			Application
			Hardware

From what I have seen, KarlBridge looks like this and is why the demo
only works with SMC cards. Novell Netware also works the same way just
for simplicity, it bootstraps through DOS first, then discards both the
OS and the BIOS.

Being a single tasking machine, whatever application is running
controls the machine, so this is not a problem. The same thing *could*
be done with a Unix box but why waste it?

>The majority of UNIX flavours are still largely tied to specific chips from 
>specific vendors and those vendors tend to have reasonably tight change 
>control procedures. DOS runs on a variety of compliant chips from a host of 
>vendors and some of the suppliers do not commit to a strong change control 
>procedure and are not known for their ability to notify developers of 
>forthcoming changes to board designs etc.

Huh? As far as I know DOS (MS-DOS or PC-DOS) works only on an Intel platform
and with a BIOS compatible with the IBM specification of 27 November 1982
(what "100% compatible" really means). In fact, a Pentium starts up in
"real" mode which exactly emulates the 1979 Intel 8086, 1 Mb memory addressing
limit and all.

>The 'Firewalls' discussions tend to refer to C2 from time to time. There are 
>UNIX OS and TCP/IP products which have certified to B1 in the US and to 
>F-B1/E3 in Europe. Most of these products also have much higher 
>functionality levels reported. Add-on products for DOS/Windows have 
>certified at E1 and E2 in Europe and claim C2 **compliance** in the US.

Has nothing to do with it. Both Orange book and Common Criteria are for
multi-tasking, multi-user machines, for a firewall application IMHO what
is needed is a dedicated embedded controller.

>Trusted applications to run on UNIX are beginning to achieve B1 rating.

Wonderful. They address covert channels. With a properly designed single
state machine you have no covert channels.

>There is always someone who will claim that a particular OS (or flavour of 
>OS) is better than another. In many cases that is because the claimant is 
>only familiar with the OS he promotes.

Started serious work with SEL 800 in 1967. Have forgotten JCL twice (and hope
I can keep it forgotten this time). Have been through entire range of PDP
8, 11, & VAXen (first real PC). Flew afterburning gas turbine engines on 
8080 during '70s. Designed microcode for AMD 2901 cascaded to 16 bits. Have 
built systems that worked based on Z-80, Z-8000, F 9445, TI 9900, M6800, 
M68000, Mil-Std 1750A, & I-960. Have done development work with MASPAR 
(defining the boundaries is the hard part). Will admit to never having worked 
with 6502 but studied RISK work of Carlos Seguin (emulation of 11/780) in 
1984 (got my first Spenser Katt Gym Bag by predicting the Power-PC a couple 
of years ago).

The choice of the Intel/PC platform is based on the fact that it is cheap and
"good enough" for the job and because by using it as an embedded controller
it can be (note the operative) made immune to outside influences. Do not
intend to use DOS (or any OS for that matter) except as an easy way to
boot the machine (might not even need it for that - have written self-booting
programs for the PC before (just for the record, Microsoft's Flight Simulator
was a "self booting program", there was no OS involved - was more common in
the early '80s than now).
					Hotly,
						Padgett
