[cap-talk] Capabilities and the NCSC Trusted Computer Security Evaluation Criteria (TCSEC)
daw at cs.berkeley.edu
Sat Nov 4 17:20:15 CST 2006
Valerio Bellizzomi <devbox at selnet.org> writes:
>So, is it possible that the "marking" could be used as an element of a way
>out of TCSEC, and as an argument to "rebirth" the object/capability
>approach to computer security?
A personal opinion:
The TCSEC requirements are most irrelevant to modern computer security in
the commercial world. They're a waste of time. Every second you spend
trying to comply with TCSEC is one second forever lost from your lifespan.
They're not worth the brain cells; don't bother.
More information about the cap-talk