From: Jeff Barber <jeffb@sware.com>
To: maldrich@grctechs.va.grci.com (Mark Aldrich)
Message Hash: 9ab8b91c4ffdd18718606a55f0aa7da743a6e0f6bc3f940e4b42dee740382bb4
Message ID: <199603252239.RAA06963@jafar.sware.com>
Reply To: <Pine.SCO.3.91.960323142342.1956C-100000@grctechs.va.grci.com>
UTC Datetime: 1996-03-26 05:54:23 UTC
Raw Date: Tue, 26 Mar 1996 13:54:23 +0800
From: Jeff Barber <jeffb@sware.com>
Date: Tue, 26 Mar 1996 13:54:23 +0800
To: maldrich@grctechs.va.grci.com (Mark Aldrich)
Subject: Re: NT's C2 rating
In-Reply-To: <Pine.SCO.3.91.960323142342.1956C-100000@grctechs.va.grci.com>
Message-ID: <199603252239.RAA06963@jafar.sware.com>
MIME-Version: 1.0
Content-Type: text/plain
Mark Aldrich writes:
>
> On Sat, 23 Mar 1996, Bill Frantz wrote:
>
> > At 5:11 PM 3/22/96 -0600, Rick Smith wrote:
> > >The big deal is that few vendors have tried to get NCSC evaluations.
> >
> > We walked KeyKOS a long way down the path to a B2 rating. Our investors
> > refused to fund the estimated $1 million it would cost to do all the
> > paperwork. They felt there was no market for NCSC secure systems. Perhaps
> > others felt the same way.
>
> Hopefully, with the Common Criteria replacing the Orange Book (pray, this
> year), you'll now be able to evaluate against a profile for a lot less
> money. And, believe it or not, customers will actually get security
> products they need instead of another instance of the Bell-LaPadula model
> crafted to military specs.
Well, I haven't exactly been "plugged in" to the development of the CC
but given the sheer size of the criteria (I just downloaded it, killing
a small tree to print its more than 1000 pages), I'm curious to know why
you think evaluations will be so much less expensive.
At first glance, some of the requirements seem a little more specific
and the evaluation process a bit more flexible, but evaluating an entire
OS, for example, is still going to take many man-years (excuse me,
person-years) of engineering labor. And then, when you're done, still
nobody will want what you've got since it will inevitably be two releases
behind the "non-secure" version and you will have thrown out some pieces
where it was too much trouble to make them work "securely".
It appears to me that the main difference is that your system will be
unwanted in several different countries at once. :-)
-- Jeff
Return to March 1996
Return to “Mark Aldrich <maldrich@grctechs.va.grci.com>”