Security Certification - Does It really mean not much?

Posted Nov 13, 2003 10:53 UTC (Thu) by dd9jn (subscriber, #4459)
In reply to: Security Certification - Does It really mean not much? by noxxi
Parent article: Security Certification - The Open Source Way

We could start a long thread on certification but well, I have to do other things. So just one hint: Get Peter Gutmann's book and read the relevant chapters to see how useless certification of software is. A few of the other chapters are online.


Security Certification - Does It really mean not much?

Posted Nov 13, 2003 16:51 UTC (Thu) by kweidner (subscriber, #6483)

I know, you're not supposed to feed the trolls...

Chapter four (PDF) in Peter Gutmann's book is about software verification techniques and criticizes the Orange Book (the CC predecessor) formal system verification methodology, suggesting a cryptography-based approach instead.

That is rather beside the point here, because formal design specifications and verification are only done at high assurance levels (>= EAL6), involving a complexity and amount of work that are far beyond what would be reasonable for a general-purpose operating system.

If you disagree, please let me know where I can get an operating system that is based on a cryptographic security architecture that could replace a Linux server in real-world use. Similarly, Shapiro claims in his article that the capability-based EROS-OS will be secure enough for EAL7 verification. It's an intriguing concept, but then again EROS-OS also looked very intriguing when I first heard of it a couple of years ago, and I'm not holding my breath waiting for it to be useful. If you want a working capability-based OS, take a look at OS/400, which is an elegant system but not famous for being user-friendly.

I'm not saying that the research Shapiro and Gutmann are doing isn't interesting and potentially valuable, but in the meantime there are people who need to get real work done and want to use what is actually available and works.
