osOpinion: Mandatory Protection | Linux Today
Infrastructure
SHARE
Facebook X Pinterest WhatsApp

osOpinion: Mandatory Protection

Written By
Web Webster
Web Webster
Sep 7, 2000

[ Thanks to Kelly
McNeill for this link. ]

“A recent osOpinion article perked my interest about the Navy’s
recent decision to use the Microsoft Windows operating system in
its next generation aircraft carrier. Two years earlier, a divide
by zero error on a Microsoft Windows NT machine left the USS
Yorktown dead in the water for over two hours. The sequence of
these events forces one to ask the question: why would the
government choose the Microsoft Windows operating system despite
the known defects and problems? The answer is really quite simple –
they do not have a choice in the matter.”

“The Department of Defense has a little known rule that all
computer products (hardware and software) containing classified or
unclassified sensitive information must be evaluated and rated. The
National Computer Security Center (NCSC), a branch of the NSA, is
responsible for evaluating and rating commercial security products.
These products fall into one of four divisions: D – Minimal
Security, C – Discretionary Protection, B – Mandatory Protection,
and A – Verified Protection. Divisions C, B, and A are divided into
classes: C1 – Discretionary Security Protection (no longer in use),
C2 – Controlled Access Protection, B1 – Labeled Security
Protection, B2 – Structured Protection, B3 – Security Domains, and
A1 – Verified Design (see Orange Book). The ratings, in order from
least secure to most secure, are D, C1, C2, B1, B2, B3, and
A1….”

I believe Linux is capable of much more than just meeting
the C2 rating Microsoft Windows NT holds. Since Linux can do
everything that Microsoft Windows NT can do (and then some), one
can reasonably assume that Linux can achieve a minimum C2
rating. In order to meet the B1 requirements, the operating
system must be able to append security information to objects after
they leave the system. Microsoft Windows NT could not achieve this
rating because they supported only the FAT file system for floppy
disks, which cannot track security information. Linux supports the
EXT2 file system for floppy disks, and the kernel can be compiled
to remove support for the less secure FAT, forcing users to use a
file system that contains security information, hence mandatory
protection….”

Complete
Story
Web Webster

Web Webster

Web Webster has more than 20 years of writing and editorial experience in the tech sector. He’s written and edited news, demand generation, user-focused, and thought leadership content for business software solutions, consumer tech, and Linux Today, he edits and writes for a portfolio of tech industry news and analysis websites including webopedia.com, and DatabaseJournal.com.

Linux Today Logo

LinuxToday is a trusted, contributor-driven news resource supporting all types of Linux users. Our thriving international community engages with us through social media and frequent content contributions aimed at solving problems ranging from personal computing to enterprise-level IT operations. LinuxToday serves as a home for a community that struggles to find comparable information elsewhere on the web.

facebook
linkedin
x

Company

Contact us

Categories

News IT Management Infrastructure Developer Security High Performance Storage Blog

Property of TechnologyAdvice. © 2026 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

Terms of Service Privacy Policy California - Do Not Sell My Information