[16236] in cryptography@c2.net mail archive
An interesting "new" computer security problem
daemon@ATHENA.MIT.EDU (Peter Gutmann)
Mon Sep 27 13:49:03 2004
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
From: pgut001@cs.auckland.ac.nz (Peter Gutmann)
To: cryptography@metzdowd.com
Date: Sat, 25 Sep 2004 17:03:03 +1200
A few days ago I was chatting with some people working on a government IT
project who had a rather complex security problem that they needed help with.
They have a large number of users with Windows dumb terminals (think Xterms
but for Windows) connected to a central ASP server, which runs various
mutually untrusted apps from different vendors. Their problem was that they
needed a means of securing the individual apps from each other.
I told them that they were in luck, and this exact problem had already been
addressed before. I'd drop off the detailed technical specs for the solution
when I next saw them, they could recognise it by its bright orange cover.
Peter.
(Actually it wasn't quite that simple and easily solveable: The ASP server is
untrusted as well, it just acts as a middleman for back-ends located at
various locations, and only the back-ends are trusted. I figured giving them
the Orange Book would be easier than trying to explain that they had an
unsolveable problem on their hands).
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
