Just to add to the below, Microsoft also doesn't seem to take
certification and security seriously. See
http://www.microsoft.com/kb/bussys/winnt/q93362.htm.
I quote: "
Microsoft has opted not to include certain components of NT in the
evaluation process, not because they would not pass
the evaluation, but to save time by reducing the load on the NSA."
Additionally, "
Networking on NT may not have to go through the "Red Book," or "Trusted
Network Interpretation." It may be enough to consider networking to be
another subsystem, and therefore only the Orange Book
would apply."
Microsoft is so confident in their security mechanisms that they believe
that in theory their object-checking system will work identically with
networked or local objects.
However, it's foolish at best to assume this is actually true, and my
guess is that Microsoft wants to avoid the pain of Red Book rejection or
is unwilling to secure their NOS in order to meet the independent
standards.
Having a NOS certifiable to me means there has been at least a small
amount of objective evaluation of the system, and for Microsoft to opt
not to undergo Red Book evaluation does not give me confidence given
their track record of dropping the ball on security issues.
The explanation that they want to save the load on the NSA is hard to
believe as well.
Keith McCammon
Asymetrix Corp
MIS Analyst
*Opinions Are My Own*
----------
NT will have Kerberos 5 authentication which is probably what
you are thinking of. But even though an O.S. may have strong
internal security mechanisms, that security mechanism never
leaves the local machine. Once an external connection is made
into a machine, some service aliases what it authenticated, to
some valid internal user. Your internal O.S. has process-to-process
communications that can be snooped, your client-to-server process