On Mon, Sep 09, 2002 at 06:03:35PM +0200, Phil Payne wrote:
> >> MVS B1 SUPPORT: Selected MVS/ESA products, collectively called a
> >> trusted computing base (TCB), were evaluated by the United States
> >> Department of Defense's National Computer Security Center (NCSC),
> >> found to meet the criteria for a B1 level of trusted system, and>
>
> > Microsoft has only achieved a C2.
>
> And only then with the network and keyboard (!) detached.
>
> The reason IBM hasn't repeated the exercise (apart from some issues
> with USS) is the effort involved. It's gargantuan.
Actually, there may be other issues involved, since that B1
(AFAIK) probably pre-dates the availability of TCP/IP in the
base OS; Can someone shoot me and put me out of my misery if
I'm wrong?
SNA has been a back-breaker since, unlike TCP/IP, it actually
requires a fair amount of administration to set up routing
for an end-to-end connection; It's not meant to negotiate on
the fly for a route, which TCP/IP excels at (so it can try to
work around a "dead spot" in the network). Many of the "hacks"
against TCP/IP used this "strength" as a "weakness".
I recall there being a TCB option of AIX but I don't recall
what the rating is- Since I don't install it, I let that one
memory lapse since getting my certifications.
--
John R. Campbell Speaker to Machines [EMAIL PROTECTED]
- As a SysAdmin, yes, I CAN read your e-mail, but I DON'T get that bored!
"It is impossible for ANY man to learn about impotence the hard way." - me
