[cap-talk] Confused Deputies in Capability Systems - not
Bill Frantz
frantz at pwpconsult.com
Fri Feb 27 19:28:42 EST 2009
capability at webstart.com (Jed Donnelley) on Friday, February 27, 2009 wrote:
>Perhaps Bill F. (others?) could comment on the similarities between
>KeySAFE and Horton?
The similarities are that both systems act as intermediaries between
security domains. That's about it.

KeySAFE was designed with the goal of a minimal assurance set. As such, it
would only pass objects that the KeyKOS kernel could vouch for, which in
practice bottoms out in pages and segments. It also implemented the policy.
Since we were discussing the system with the National Computer Security
Center, looking for an Orange Book certification, we wanted to give them
something that looked REALLY familiar.

Horton is a generalized membrane system which adds accountability to normal
capability security.

[And no MarkM, I myself am not particularly upset at the lack of a
reference.]

Cheers - Bill
------------------------------------------------------------------------------
Bill Frantz |"When you're buying security products, you have to trust
408-356-8506 | the vendor. That's why I don't buy any of these hardware-
www.periwinkle.com | encrypted drives. I don't trust the vendors." -- Schneier