From: owner-cypherpunks@toad.com
Date: Thu, 21 Mar 1996 15:22:22 +0800
Subject: No Subject
Message-ID: <QQahyp09028.199603210648@relay3.UU.NET>
MIME-Version: 1.0
Content-Type: text/plain


Brad Shantz wrote:

| I have  been working for some time on a project that involves doing 
| proactive file authorization/authentication under Windows NT.  In the 
| process, I've been working on an extension to the Kernel layer of the 
| operating system because we need to be able to catch read/writes to 
| the disk.  (All perfectly legal according to the DDK, just 
| ot documented worth a damn.)  All of this is designed to work 
| directly with the functionality given to us by the NT-Security layer.
| 
| Basically, I'm now questioning the C2 rating of Windows NT.  The 
| entire security layer is  modular to the Kernel.  As a modular 
| driver, it can be removed, rewritten, and replaced.   
| 
| So, what makes it secure?  What gives it the C2 Rating?  How would 
| one go about getting a C2 rating?

	A C2 rating means that they have some audit trail mechanism,
and some means of authentication.  Basically, you read the Orange
book, spend a few million bucks, and get a C2 rating.  Ask MS if their
rating is valid after you add an ethernet card.  (The answer is no.  A
system is certified for a particular set of hardware & software.)

Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume