[cap-talk] Capabilities and the NCSC Trusted Computer Security Evaluation Criteria (TCSEC)
devbox at selnet.org
Sun Nov 5 07:10:57 CST 2006
On 04/11/2006, at 15.20, David Wagner wrote:
>Valerio Bellizzomi <devbox at selnet.org> writes:
>>So, is it possible that the "marking" could be used as an element of a
>>out of TCSEC, and as an argument to "rebirth" the object/capability
>>approach to computer security?
>A personal opinion:
>The TCSEC requirements are most irrelevant to modern computer security in
>the commercial world. They're a waste of time. Every second you spend
>trying to comply with TCSEC is one second forever lost from your
>They're not worth the brain cells; don't bother.
Thanks, my brain cells are already overloaded :-)
My personal opinion: now there is the ASPOS/PP at early stage, which is a
modern thing to try to comply with.
More information about the cap-talk