On Thu, 13 Apr 2000, R. Michael Williams wrote:
> >I still happen to hold the opinion that remote display from a
> >hardened OS (preferably one with MAC compartments) is the best
> >answer to all that stuff. Preferably on an OS that doesn't allow
> >Internet-enabled object modules.
>
> Paul, can you expand on this concept for me? It looks interesting but
> it's news to me. TIA.
Instead of running a Web browser on a desktop and worrying about
everyone's most favorite vendor enabling distributed object modules via
HTTP (Yes, ActiveX was only a start to the utter maddness that is some
lackwit in Redmond's idea of 'cool Internet technology.'), the idea is to
run the browser on a machine on the DMZ and export the display back to the
desktop.
>From my perspective, doing so on an untrusted platform without MAC starts
to build out an infrastructure ripe for abuse when digitial signatures
become legally binding, so I'd definitely go with either a trusted OS, or
one that comes fairly close to that model by enfocing MAC. Extra security
bonus points come from choosing an OS that doesn't conform to the "run our
unchecked (but signed!- not that we check signatures for ourselves or that
we've figured out a way to revoke anything or even track what needs
revoking...) object code on your targ^H^H^H vict^H^H^H^H machine!"
There are added bonuses of being able to reset the user's environment,
centralized administration of a security critical function, not having to
worry about encrypted tunnels like SSL, not having to worry about lusers
installing new applications...
Scalability and application interoperability seem to be the only hurdles,
and I don't think they're too high for the extra security.
Paul
-----------------------------------------------------------------------------
Paul D. Robertson "My statements in this message are personal opinions
[EMAIL PROTECTED] which may have no basis whatsoever in fact."
PSB#9280
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
