[52390] in Cypherpunks
Re: NT's C2 rating
daemon@ATHENA.MIT.EDU (Adam Shostack)
Wed Mar 20 19:37:21 1996
From: Adam Shostack <adam@homeport.org>
To: bshantz@nwlink.com
Date: Wed, 20 Mar 1996 19:13:24 -0500 (EST)
Cc: cypherpunks@toad.com
In-Reply-To: <199603202119.NAA26183@montana.nwlink.com> from "Brad Shantz" at Mar 20, 96 01:17:05 pm
Brad Shantz wrote:
| I have been working for some time on a project that involves doing
| proactive file authorization/authentication under Windows NT. In the
| process, I've been working on an extension to the Kernel layer of the
| operating system because we need to be able to catch read/writes to
| the disk. (All perfectly legal according to the DDK, just
| ot documented worth a damn.) All of this is designed to work
| directly with the functionality given to us by the NT-Security layer.
|
| Basically, I'm now questioning the C2 rating of Windows NT. The
| entire security layer is modular to the Kernel. As a modular
| driver, it can be removed, rewritten, and replaced.
|
| So, what makes it secure? What gives it the C2 Rating? How would
| one go about getting a C2 rating?
A C2 rating means that they have some audit trail mechanism,
and some means of authentication. Basically, you read the Orange
book, spend a few million bucks, and get a C2 rating. Ask MS if their
rating is valid after you add an ethernet card. (The answer is no. A
system is certified for a particular set of hardware & software.)
Adam
--
"It is seldom that liberty of any kind is lost all at once."
-Hume
