[cap-talk] gauntlet - one way IPC considered useless, practical MLS?

[John Carlson]

>
> Here's an example that I'm familiar with.  For a time I worked in
> the "Engineering Records Center" at LLNL.  That is in the engineering
> part of the lab.  In particular it is the organization that stores all
> the engineering drawings.  Many of these drawings are classified.
> Of course the classified drawings are only stored in a database that
> is only accessible from the classified network.
>
> One of the requirements that we had was to make available needed
> unclassified drawings for the people doing classified engineering.  The
> way this was done was to collect a list of needed drawings (e.g. during
> the day), then write them to a tape (put the write ring in, write the
> drawings), take the write ring out and move that tape to the classified
> side, read the drawings and put them into the database - labeled as
> unclassified but made available on the classified network.  This was
> the scenario even into the late 1990s.

Yes, the've put a stop to the transfer of unclassified drawings to the
classified side, to my knowledge.  For a while, they weren't allowing
people to get drawings out of the unclassified side, because there
were no user access controls.   Then ECMS came along on the unclassified
side, with ACLs, and they could provide people common access to drawings
in the same project.

The classified side seems to be a mismash of different people doing things
with Zope, Stellent, and Windchill now--but perhaps your code is still
running on the back end to get film, so it's a sort of one way from these
systems into the ERC.

By the way, did you hear that Jesse Castellon retired?

John