Re: Question about assurance?

[Park Lee <parklee_sel@xxxxxxxxx>]

On 05 Jun 2005 at 21:12, Lorenzo Hernández
García-Hierro wrote:
> El dom, 05-06-2005 a las 09:39 -0700, Park Lee 
> escribi?
>> Hi,
>> 
>> In "5.1 Architecture Overview" of¡¶The Flask 
>> Security Architecture: System Support for Diverse 
>> Security Policies¡·, It says:
>>
>> "Secondary goals for the architecture include
>> application transparency, defense-in-depth, ease 
>> of assurance,and minimal performance impact".
>> 
>> Here, Is the meaning of word "assurance" the same 
>> as the meaning of "assurance" of "Security 
>> assurance" in ISO/IEC15408 (i.e. Information 
>> technology - Security techniques --Evaluation 
>> criteria for IT security)?  or Does it just mean 
>> another thing?
>
> At least for me, that part means that you can 
> easily implement information assurance models on 
> top of the Flask architecture, 

What's the information assurance model? Would you
please give me an example?

> with the "defense in depth" philosophy, which is
> basically putting layered defenses all-together for
> ensuring that breakage, corruption, overriding
> or any other type of mis-use either desired or 
> undesired against one or more layers, can't lead to 
> a complete compromise of the environment.

Thanks.

> All the rest of CC and the like it's much of the 
> same, but talking in technical terms, it's what 
> I've told you AFAIK.

What do you mean in the statement?



Thank you very much.

Best Regards,
Park Lee


		
__________________________________ 
Discover Yahoo! 
Stay in touch with email, IM, photo sharing and more. Check it out! 
http://discover.yahoo.com/stayintouch.html

--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with
the words "unsubscribe selinux" without quotes as the message.