Thanks, I have found it. 在2006年07月12日的18:13,Albert Qu写道: > Thank you for your explanation. Could you give some links about > "Tamarack project"? > > 在2006年07月12日的17:45,Darren J Moffat写道: > > Albert Qu wrote: > > > Why don't we make a general security framework to support all kinds of > > > devices? Those spec define the similiar functions, such as > > > authentication, encryption, etc. The abstract layer will reduce much > > > time for developing similiar protocol. > > > > We have some of this already, where do don't have it is because the > > standards bodies come up with different auth and encryption in their > > protocols. > > > > We already have (as of Solaris 10) a core cryptographic framework for > > userland and kernel. > > > > We already have (as of Solaris 2.6) a core host based authentication > > system for users - PAM. > > > > We already have (as of Solaris 2.6) a network based auth for users and > > network services - GSSAPI (and as of Solaris 10 SASL as well). > > > > We already have an in kernel SSL and for userland provide OpenSSL and > > Mozilla NSS libraries as well as JSSE. > > > > > > We have a device level (as the OS presents the) security model as well, > > that is being updated with the Tamarack project for even better control > > over removable media. > > > > The security issues with things like Wireless USB and Bluetooth are much > > more to do with the architecture of the protocols than they are about > > code reuse and central policy on the host OS. In other words sadly > > already baked and we just have to work around them to secure the OS from > > them. > > > > > > -- > > Darren J Moffat > -- > Albert Qu <[EMAIL PROTECTED]> -- Albert Qu <[EMAIL PROTECTED]>
_______________________________________________ opensolaris-discuss mailing list [email protected]
