Linux Today: Linux News On Internet Time.
Search Linux Today
Linux News Sections:  Developer -  High Performance -  Infrastructure -  IT Management -  Security -  Storage -
Linux Today Navigation
LT Home
Contribute
Contribute
Link to Us
Linux Jobs


Top White Papers

More on LinuxToday


NSA paper on computer security

Dec 14, 1998, 00:06 (1 Talkback[s])

Kragen posted to BUGTRAQ:

"The Inevitability of Failure: The Flawed Assumption of Security in Modern Computing Environments", published by six NSA employees, was published at the 21st National Information Systems Security Conference in October, in Arlington, Virginia, USA. (See http://csrc.nist.gov/nissc/1998/ and http://csrc.nist.gov/nissc/1998/papers.html for more on the conference.)

The paper is available in HTML at http://www.jya.com/paperF1.htm and in PDF at http://csrc.nist.gov/nissc/1998/proceedings/paperF1.pdf

It discusses, among other things:

  • why mandatory security mechanisms are useful outside the context of classification levels, even on single-user systems;
  • trusted-path mechanisms, like the PASSCRED stuff recently implemented in Linux and NT's Ctrl-Alt-Del login feature.