OS Security Classification

OS Security Classification

am 05.01.2006 15:52:44 von amit.ncb

Hi I need some resources for classification of different OS as regards
their Security Mechanisms. Can anyone help me out please?

Re: OS Security Classification

am 05.01.2006 16:25:19 von comphelp

amit.ncb@gmail.com writes:
> Hi I need some resources for classification of different OS as regards
> their Security Mechanisms. Can anyone help me out please?

Unfortunately that's a very vague question. Did this come from some
genius in the academic community?

--
Todd H.
http://www.toddh.net/

Re: OS Security Classification

am 05.01.2006 19:46:24 von roberson

In article <1136472764.005146.175400@f14g2000cwb.googlegroups.com>,
wrote:
:Hi I need some resources for classification of different OS as regards
:their Security Mechanisms. Can anyone help me out please?

I suggest you research "orange book" and "Common Criteria".

Re: OS Security Classification

am 06.01.2006 13:04:12 von efeustel

wrote in message
news:1136472764.005146.175400@f14g2000cwb.googlegroups.com.. .
> Hi I need some resources for classification of different OS as regards
> their Security Mechanisms. Can anyone help me out please?
>
As has been pointed out, the Common Criteria( available at NIST.gov)
provides a good start. It provides language to describe features that are
desired under the headings Confidentiality, Integrity, Availability, and
Assurance. The only thing they left out was Accountability. Security
mechanisms
are then used to provide the features.

Another way to attack the problem is to look at the Reference Model for Open
Distributed Processing
(RM-ODP) and to add an additional concern -- Security. The set of
abstractions provided in RM-ODP provide a good starting point to deal with
Security as well and seem very relevant to discussing
security mechanisms as employed on different machines. In addition, you
would probably want to
integrate the OSI model since RM-ODP does not really discuss the
abstractions involved in providing
"Channels" between objects.

Regards,
Ed

Re: OS Security Classification

am 07.01.2006 09:45:26 von amit.ncb

Thanks so much. I will certainly look into the pages.

Re: OS Security Classification

am 07.01.2006 20:53:14 von roberson

In article ,
Edward A. Feustel wrote:

> wrote in message
>news:1136472764.005146.175400@f14g2000cwb.googlegroups.com. ..
>> Hi I need some resources for classification of different OS as regards
>> their Security Mechanisms. Can anyone help me out please?

>Another way to attack the problem is to look at the Reference Model for Open
>Distributed Processing
>(RM-ODP) and to add an additional concern -- Security.

>In addition, you
>would probably want to
>integrate the OSI model since RM-ODP does not really discuss the
>abstractions involved in providing
>"Channels" between objects.

Though as Anne & Lynn Wheeler have (garlic.com/~lynn) have taken pains
to point out, TCP breaks the OSI model, and there are in practice
very few implementations of the pure OSI model around. The implication
would be that integrating the OSI model into RM-ODP might give you an
interesting theoretical framework, but that it will not be usable to
describe very many -real- OS's.