OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

 


 

   RE: [xml-dev] Managing Innovation

[ Lists Home | Date Index | Thread Index ]

On Tue, 30 Sep 2003, Dare Obasanjo wrote:

> > Tim Bray [mailto:tbray@textuality.com]: 
> > 
> > Really?  Which part?  The assertion that Unix is basically 
> > simpler than the alternatives, or the assertion that it 
> > achieves a good level of security?  
> 
> The latter. Better people than me can tell you why this common
> misconception is false[0,1]. The main thing the Unix family of operating
> systems  have going for them with regards to security is the higher
> degree of sophistication of their users and their lack of mainstream
> adoption than on their qualities as a "secure system".  Of course, you
> may have a lower criteria for the term "secure system" than I do in
> which case YMMV.  
> 
> [0] http://www.nsa.gov/selinux/faq.html#I2
> [1] http://books.rsbac.org/unstable/x115.html

<quote attribution="http://www.cse.nd.edu/courses/cse598n/www/Lectures/Lecture14.pdf";>

 * No system is 'secure', systems usually trade security for
   performance, ease of use etc.
 * If information is worth x and it costs y to break into system
   and if (x < y), then not worth encryption
 * Wasteful to build a system that is more secure than is necessary

</quote>

The question is not 'is a system "secure".'

The question is 'is a system _sufficiently_ secure.'

A PC running MS-DOS 2.0 , in a public, unsupervised location with an
application running from the floppy drive may be _sufficiently_ secure for
its intended use.

A computer system rated secure to A1 per DOD-5200.28-STD kept in a
permanently sealed case with no removable media, with encrypted permanent
storage and data pathways requiring both biometric credentials and time
variant tokens, in Tempest certified facilities and configuration, having
a limited set of operators security cleared to Top Secret, electronic and
physical searches of personnel entering and leaving the facility and real
time video surveillance of the operators might _STILL_ be insufficiently
secure for its job.

The unqualified word 'secure' is essentially meaningless.

NO system is, without qualificiation, 'secure'. If I am willing to expend
sufficient resources _ANY_ system can be penetrated. Whether by technical,
social, political or military means.

With the possible exception of a system that has been rendered into its
base chemical components, all of its operators and inventors shot and
its blueprints cremated and mulched.

-- 
Benjamin Franz

Gauss's law is always true, but it is not always useful.
    -- David J. Griffiths, "Introduction to Electrodynamics"






 

News | XML in Industry | Calendar | XML Registry
Marketplace | Resources | MyXML.org | Sponsors | Privacy Statement

Copyright 2001 XML.org. This site is hosted by OASIS