Date: Tue, 14 Oct 1997 14:16:51 -0400 (EDT) From: Drew Derbyshire <ahd@kew.com> To: petrilli@amber.org, softweyr@xmission.com Cc: security@FreeBSD.ORG Subject: Re: C2 Trusted FreeBSD? Message-ID: <199710141816.OAA05520@pandora.hh.kew.com>
next in thread | raw e-mail | index | archive | help
> From owner-freebsd-security@FreeBSD.ORG Tue Oct 14 14:03:45 1997 > Christopher Petrilli writes: > > But what about when you have 10,000 users, and you need 486 of them to > > not have access? Do you see the issue of performance slowly creeping up > > when yyou have 50,000 groups? This becomes a hideous nightmare. > > Right. A "secure" system with 10,000 users. You obviously don't > understand security in the same way the government does. ;^) No, that's exactly what they want -- 10,000 or 25,000 people with access to the system but not all it's data. Back in the late 80's a large mainframe system for a government security agency had 25K user accounts on it -- the vendor couldn't get a core dump from them after problems, for the obvious reasons. :-) I believe IBM's VM/XA was C2 certified (a system which could handle 1000 concurrent users pretty easily, so 25K accounts would not be unreasonable); I don't know if they ever went for B1 or not. -ahd- -- Drew Derbyshire Internet: ahd@kew.com Kendra Electronic Wonderworks Telephone: 781-279-9812 AAAAAA - American Association Against Acronym Abuse Anonymous.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199710141816.OAA05520>