OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help



   RE: [xml-dev] Managing Innovation

[ Lists Home | Date Index | Thread Index ]

On Tue, 30 Sep 2003, Dare Obasanjo wrote:

> > Tim Bray [mailto:tbray@textuality.com]: 
> > 
> > Really?  Which part?  The assertion that Unix is basically 
> > simpler than the alternatives, or the assertion that it 
> > achieves a good level of security?  
> The latter. Better people than me can tell you why this common
> misconception is false[0,1]. The main thing the Unix family of operating
> systems  have going for them with regards to security is the higher
> degree of sophistication of their users and their lack of mainstream
> adoption than on their qualities as a "secure system".  Of course, you
> may have a lower criteria for the term "secure system" than I do in
> which case YMMV.  
> [0] http://www.nsa.gov/selinux/faq.html#I2
> [1] http://books.rsbac.org/unstable/x115.html

<quote attribution="http://www.cse.nd.edu/courses/cse598n/www/Lectures/Lecture14.pdf";>

 * No system is 'secure', systems usually trade security for
   performance, ease of use etc.
 * If information is worth x and it costs y to break into system
   and if (x < y), then not worth encryption
 * Wasteful to build a system that is more secure than is necessary


The question is not 'is a system "secure".'

The question is 'is a system _sufficiently_ secure.'

A PC running MS-DOS 2.0 , in a public, unsupervised location with an
application running from the floppy drive may be _sufficiently_ secure for
its intended use.

A computer system rated secure to A1 per DOD-5200.28-STD kept in a
permanently sealed case with no removable media, with encrypted permanent
storage and data pathways requiring both biometric credentials and time
variant tokens, in Tempest certified facilities and configuration, having
a limited set of operators security cleared to Top Secret, electronic and
physical searches of personnel entering and leaving the facility and real
time video surveillance of the operators might _STILL_ be insufficiently
secure for its job.

The unqualified word 'secure' is essentially meaningless.

NO system is, without qualificiation, 'secure'. If I am willing to expend
sufficient resources _ANY_ system can be penetrated. Whether by technical,
social, political or military means.

With the possible exception of a system that has been rendered into its
base chemical components, all of its operators and inventors shot and
its blueprints cremated and mulched.

Benjamin Franz

Gauss's law is always true, but it is not always useful.
    -- David J. Griffiths, "Introduction to Electrodynamics"


News | XML in Industry | Calendar | XML Registry
Marketplace | Resources | MyXML.org | Sponsors | Privacy Statement

Copyright 2001 XML.org. This site is hosted by OASIS