Date: Tue, 11 Apr 2000 08:41:10 +0200 From: Phil Regnauld <none@regnauld--ftf.net.lh.bsd-dk.dk> To: BSD DK Mailing List <none@bsd-dk--bsd-dk.dk.lh.bsd-dk.dk> Subject: Trusted BSD
A new project:
TrustedBSD provides a set of trusted operating system extensions to the
FreeBSD operating system, targeting the Orange Book B1 evaluation
criteria. This project is still under development, and much of the code
is destined to make its way back into the base FreeBSD operating system;
however, this site will provide access to documentation, code relating
to features that are still under development, and code that has its
fingers in too many places to justify integrating into the base OS.
Targetted features include:
Extensible and audited authorization framework for integrating
third-party authorization modules, include general-purpose subject and
object labeling and centralized policy management.
Fine-grained capabilities for system functions so as to implement
least-privilege and reduce the risks of compromise.
Mandatory access control for privacy and integrity, allowing FreeBSD
to be used in environments hosting mutually suspicious parties and
multi-level security models.
Access control lists for the file system and other kernel resources
allowing fine-grained and manageable discretionary access control
Event auditing support, and single-host modular IDS system to monitor
security events and notify administrators in the event of irregularities
-- Anything is possible, but not everything will happen.
This archive was generated by hypermail 2b30 : Wed 15 Nov 2006 - 18:24:02 CET