Re: An interesting new computer security problem
At 12:58 PM 9/27/04 -0600, Anne Lynn Wheeler wrote: At 11:03 PM 9/24/2004, Peter Gutmann wrote: A few days ago I was chatting with some people working on a government IT project who had a rather complex security problem that they needed help with. They have a large number of users with Windows dumb terminals (think Xterms but for Windows) connected to a central ASP server, which runs various mutually untrusted apps from different vendors. Their problem was that they needed a means of securing the individual apps from each other. I told them that they were in luck, and this exact problem had already been addressed before. I'd drop off the detailed technical specs for the solution when I next saw them, they could recognise it by its bright orange cover. Put each app on a separate machine, and don't put any networking equiptment in the machines. Simple. = 36 Laurelwood Dr Irvine CA 92620-1299 VOX: (714) 544-9727 (home) mnemonic: P1G JIG WRAP ICBM: -117.7621, 33.7275 PGP PUBLIC KEY: by arrangement Send plain ASCII text not HTML lest ye be misquoted. Really. -- Don't 'sir' me, young man, you have no idea who you're dealing with Tommy Lee Jones, MIB - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
Re: An interesting new computer security problem
note that was being done with virtual machines in the 60s well before the orange book there were also a number of commercial time-sharing companies offering services based on virtual machine technology where possibly mutually antagonistic clients were using the services. we had a service that had some of the most sensitive corporate secrets there were on the same machine with all sorts of BU, MIT, and harvard students. random past references to some of the in-house as well as commerical (virtual machine based) time-sharing services from the 60s 70s: http://www.garlic.com/~lynn/subtopic.html#timeshare At 11:03 PM 9/24/2004, Peter Gutmann wrote: A few days ago I was chatting with some people working on a government IT project who had a rather complex security problem that they needed help with. They have a large number of users with Windows dumb terminals (think Xterms but for Windows) connected to a central ASP server, which runs various mutually untrusted apps from different vendors. Their problem was that they needed a means of securing the individual apps from each other. I told them that they were in luck, and this exact problem had already been addressed before. I'd drop off the detailed technical specs for the solution when I next saw them, they could recognise it by its bright orange cover. Peter. (Actually it wasn't quite that simple and easily solveable: The ASP server is untrusted as well, it just acts as a middleman for back-ends located at various locations, and only the back-ends are trusted. I figured giving them the Orange Book would be easier than trying to explain that they had an unsolveable problem on their hands). - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED] -- Anne Lynn Wheelerhttp://www.garlic.com/~lynn/ - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]