security levels, V.4

Ran Atkinson randall at Virginia.EDU
Sat Dec 1 02:06:54 AEST 1990


In article <1990Nov30.064557.13565 at fiver> palowoda at fiver (Bob Palowoda) writes:

>  So C2 is required for *any* UNIX OS to be C2 and B2 which is as I 
>understand it more secure is not required. Yes I would like to hear
>from someone with the orange-book explain this. I know nothing about the
>security levels, nor do I own a system or use one at work. I do have
>accounts on some systems that do and once in a while I am locked out
>saying with a message for no reason at all. So indirectly it does affect
>me as a user. I'm sure the bugs will be found, fixed, etc., but this
>brings up another question. How does each level of security packages
>affect the development cost of applications for any UNIX that uses it?
>How will we know when the price/security costs are enough?
>
>---Bob

I think the original quote that Bob is reacting to was not well worded.
It is not the case that all versions of an OS must meet the C2 requirement
for any version to meet C2 (or some higher requirement such as B2).
In particular, there are non-C2 versions of UNIX that are commercially 
available and there are B2 versions of UNIX that are available (which
is an existence proof for my assertion above.)

There clearly is some cost to having a "trusted system" and at the moment
the driving force behind such development is clearly the US DoD for the
simple reason that banks, etc. choose to buy insurance against break-ins rather
than spending the money to prevent the break-ins by having a more trustworthy
system.

I gather that most folks here don't care much about such things and would
be inclined to say that they should be options from vendors rather than
the vendor forcing folks to all buy abilities that aren't wanted...

  Ran
  randall at Virginia.EDU



More information about the Comp.unix.sysv386 mailing list