[cap-talk] Secure Restart or Trusted Recovery?
Neal H. Walfield
neal at walfield.org
Thu Jan 4 03:54:07 CST 2007
Hi Bill,
You mentioned the term secure restart in 2003:
http://www.eros-os.org/pipermail/eros-arch/2003-December/004196.html
And in 1999, here:
http://www.eros-os.org/~majordomo/eros-arch/0854.html
But I can't seem to find the term used anywhere else. In the orange
book, they use the term "trusted recovery" (3.3.3.1.5 and 4.1.3.1.5),
which I think means the same thing. There are also a number of
seemingly relevant hits when searching for trusted recovery on Google.
(Landau refers to but does not name the problem in 1992 in "The
Checkpoint Mechanism in KeyKOS":

    In a secure environment, the security policy must be maintained
    across system restarts [Orange Book, Security in KeyKOS]
)
Is what you describe as secure restart essentially trusted recovery?
Is there any reason for the term rotation?
Thanks,
Neal