Thank you for your explanation. Could you give some links about "Tamarack project"?
在2006年07月12日的17:45,Darren J Moffat写道: > Albert Qu wrote: > > Why don't we make a general security framework to support all kinds of > > devices? Those spec define the similiar functions, such as > > authentication, encryption, etc. The abstract layer will reduce much > > time for developing similiar protocol. > > We have some of this already, where do don't have it is because the > standards bodies come up with different auth and encryption in their > protocols. > > We already have (as of Solaris 10) a core cryptographic framework for > userland and kernel. > > We already have (as of Solaris 2.6) a core host based authentication > system for users - PAM. > > We already have (as of Solaris 2.6) a network based auth for users and > network services - GSSAPI (and as of Solaris 10 SASL as well). > > We already have an in kernel SSL and for userland provide OpenSSL and > Mozilla NSS libraries as well as JSSE. > > > We have a device level (as the OS presents the) security model as well, > that is being updated with the Tamarack project for even better control > over removable media. > > The security issues with things like Wireless USB and Bluetooth are much > more to do with the architecture of the protocols than they are about > code reuse and central policy on the host OS. In other words sadly > already baked and we just have to work around them to secure the OS from > them. > > > -- > Darren J Moffat -- Albert Qu <[EMAIL PROTECTED]> _______________________________________________ opensolaris-discuss mailing list [email protected]
