Great Circle Associates Firewalls
(August 1997)
 


Subject: Re: Your B2 firewall
From: Bernd Eckenfels <lists @ lina . inka . de>
Date: Thu, 28 Aug 1997 23:04:25 +0200
To: Jon Spencer <spencerj @ dg-rtp . dg . com>
Cc: Bernd Eckenfels <lists @ lina . inka . de>, Philippe . Cayphas @ ping . be, Firewalls @ greatcircle . com
In-reply-to: <199708281822 . OAA08456 @ splinter . rtp . dg . com>; from Jon Spencer on Thu, Aug 28, 1997 at 02:22:30PM -0400
References: <m0x20om-00018kC @ lina . inka . de> <199708281822 . OAA08456 @ splinter . rtp . dg . com>

Hello,

On Aug 28, Jon Spencer wrote
> Not true.  Since B2 networking is included in the system, intranet traffic
> can be controlled as well.  Connections through the firewall to various
> internal hosts can be limited by host at worst (other strategies exist to
> do better than this).

This is quite a usual Firewall Feature and is nothing special to B2. The Real
win for B2 to categorize Data (apart from the better local security on the
firewall) will fail in an environment where you hit hosts other than B2 Systems.

Therefore my question: 

> > BTW: how do B2 Systems communicate and send the information about the
> > Trust you (don't) put into a session? Is there a kind of Kerberos Token
> > Parsing or Global User Token System?
> 
> I don't quite understand the question.  With what or whom is the B2 system
> communicating to send the information about the trust ...  ?

In a Network with multiple B2 Systems, is it possible to share Trust
information? i.e.:

      secure topsecure
console----B2a-------B2b
            |
Modem-------+
      unsecure

If I sit on the console of B2a I'm allowed to access Data with Grade X, if
I sit on Modem, I have Access to Data with Grade Z. If I now Log onto B2b how
can the second B2 System deny access to Classified Data for the same User
depending on the Port he/she connected to the first B2 System? I.e. has a
sending B2 System a way to evaluate what the Part of the transmission with
the least allowed classification is?

Greetings
Bernd
-- 
  (OO)      -- Bernd_Eckenfels @ Wittumstrasse13 . 76646Bruchsal . de --
 ( .. )  ecki @ {inka . de,linux.de,debian.org} http://home.pages.de/~eckes/
  o--o     *plush*  2048/93600EFD  eckes @ irc  +4972573817  BE5-RIPE
(O____O)       If privacy is outlawed only Outlaws have privacy

