Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: What is 'Trusted Oracle'?

Re: What is 'Trusted Oracle'?

From: Dale Edgar <Dale_at_DataBee.com>
Date: Sat, 8 Jun 2002 07:38:51 +0000 (UTC)
Message-ID: <3d01b26a.2244407@news.btclick.com> 





>Trusted Oracle was developed originally for the US Government, and runs/ran

>on specific. certified and tested platforms with a specific Oracle release,

>a specific O/S release, a specific hardware platform, and so forth, and the

>whole business was tested and certified as a unit, for security.

>

>A key part was MLS, that carried security "labels" down to the row level,

>that were sort of hierarchical, kinda.




The O/S's were are also "Trusted". They applyed the security label
concept to files. A number of years back I remember working for a
month or two on Sequent server running "Trusted Dynix". The unix
accounts had assigned security levels between 0 and 255. Files,
devices etc that had higher security than you just didn't exist. 



What a nightmare to administer - everything took 4 times as long to do
and software was always breaking on the permissions. IMHO if you
implement anything on a "trusted" level system you had better really,
really need the extra security.



Regards


Dale




Need instant schema documentation? Check out the DDL to HTML converter
in the free DBATool. http://www.DataBee.com/dt_home.htm
Received on Sat Jun 08 2002 - 02:38:51 CDT












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US