Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!longway!std-unix
From: jason@cnd.hp.com (Jason Zions)
Newsgroups: comp.std.unix
Subject: Re: Standards Update, IEEE 1003.6: Security
Message-ID: <752@longway.TIC.COM>
Date: 29 Jun 90 21:12:26 GMT
Sender: std-unix@longway.TIC.COM
Reply-To: std-unix@uunet.uu.net
Organization: Hewlett Packard, Information Networks Group
Lines: 60
Approved: jsq@longway.tic.com (Moderator, John S. Quarterman)

From: Jason Zions

> Conversely, users at a high classification may not make their work
> available to users at a lower classification: one can neither ``read up''
> nor ``write down.'' There are also compartments within each
> classification level, such as NATO, nuclear, DOE, or project X. Access
> requires the proper level and authorization for all compartments
> associated with the resource. The MAC group is defining interfaces for
> such a mandatory mechanism. It's not as confusing as it sounds, but
> outside of the DoD it is as useless as it sounds. (Prove me wrong. Show
> me how this DoD policy is useful in a commercial environment.)

Both compartmentalization and classification have commercial
applications, but I'm not certain those applications justify the cost
and pain.

Compartmentalization: Large organizations frequently pursue strategies
and practices in the course of daily business that seem, well,
contradictory. Things like negotiating with arch-rival companies to sell
each of them exclusive rights to a particular technology; at some point,
when the higher-ups figure one of the two deals is superior, the other
"falls through". For the sake of verisimilitude, one might wish to
compartmentalize both negotiation efforts from each other and from the
rest of the company on a "need-to-know" basis. One might wish to
compartmentalize one's research labs from one's marketing people to
prevent the marketing of "futures"; similarly, separating R&D from
support organizations can help prevent leakage.

All of these can be accomplished by a Simple Matter Of Policy; it is a
known phenomenon, though, that the larger the company, the higher the
probability of leakage, regardless of policy. MAC can help.

Classification: Certain kinds of information are frequently required by
law to be controlled with respect to dissemination internally; data
related to profit and loss, stock exchange filings, personnel data, etc.
Many companies today forbid the electronic storage of such restricted
information, and they distribute it by means of printed copies, numbered
and signed for, burn-before-reading. It'd be nice to be able to store
that stuff on-line, transmit it electronically, while ensuring that
those who are not permitted by law to see the information cannot see it.
Again, SMOP can accomplish this; however, it's a lot easier to prove
someone is or is not an "insider" in the technical sense of the term by
showing whether or not they had access to the relevant data, and by
recourse to an audit trail.

- - - -

> Jason Zions, of HP, gave one of the most interesting and aggressive
                                                           ^^^^^^^^^^
> presentations of the day, on the work of the Transparent File Access
> Group, which included a preliminary list of issues that 1003.8 feels
> need to be reviewed.

Really? (wince) Musta been a bad day. My apologies to all.

Jason Zions
Chair, 1003.8

Volume-Number: Volume 20, Number 67