Linux Journal: Secure Computing to Develop Type Enforced TuxFeb 24, 2000, 21:39 (1 Talkback[s])
(Other stories by David Penn)
"Secure Computing Corporation, makers of security software packages for business and government organizations, has won a contract with the National Security Agency to develop a "robust, secure version of Linux" for use in the agency's intelligence and information systems."
"But while many in the Linux community are celebrating another Linux conversion, others point to the GNU General Public License under which Linux may be further developed, and wonder if the fruits of the SCC's labor will be offered freely back to the community that made such fruits possible...."
"The concerns over what Secure Computing will do with Linux have to do in part with the "Type Enforcement Technology" the company plans to deploy. Having successfully used this security technology in support of its UNIX firewall, Sidewinder, Secure Computing says its modifications will include a flexible policy engine that, while its functionality has not yet been fully determined, will nonetheless "support a broad range of basic applications". Secure Computing says it will open source both their policy enforcement code modifications to the kernel, as well as this "general purpose" policy engine, while keeping the policy engines for its own products (i.e., Sidewinder, which is the main firewall used by the Department of Defense) proprietary. The term "policy engine" refers to the part of the software that monitors adherence to an organization's rules and procedures governing acceptable use of resources and security practices."