Unix administration - Question: C2 Security Configuration for general Unix and Solaris/Trusted Solaris (Audi


Question: C2 Security Configuration for general Unix and Solaris/Trusted Solaris (Audi
William Arens

2004-02-20, 9:35 am

While reviewing the DoD 5200.28-STD "DEPARTMENT OF DEFENSE TRUSTED
COMPUTER SYSTEM EVALUATION CRITERIA" document and looking over
"Security Requirements for Automatic Data Processing (ADP)
Systems," for Federal systems requiring C2 compliance I realized
that I do not understand the distinction between Solaris and
Trusted Solaris.

On the issue of Accountability (auditing)

1. Can Unix machines using only the syslogd facility meet 'C2'
or higher?

2. Does Trusted Solaris offer any system resource advantage
(CPU and Disk utilization) over Solaris using BSM when
the need for accountability requires 'C2' level of logging?

SolarisOE SunSHIELD™ Basic Security Module (BSM)
grog

2004-02-20, 10:33 pm

In article <48f7af9b.0402201510.c73a38f@posting.google.com>,
william_arens@emainc.com says...
> While reviewing the DoD 5200.28-STD "DEPARTMENT OF DEFENSE TRUSTED
> COMPUTER SYSTEM EVALUATION CRITERIA" document and looking over
> "Security Requirements for Automatic Data Processing (ADP)
> Systems," for Federal systems requiring C2 compliance I realized
> that I do not understand the distinction between Solaris and
> Trusted Solaris.


Trusted Solaris assigns "labels" to all the files, data, devices, users
and processes and takes great pains to make sure that everything with
the same label is isolated from stuff with other labels, subject to
exceptions defined by a user called the "security manager". This is
called mandatory security because the users have no choice in what the
labels are or how they are managed. (Well, the security manager can
specify all that when the OS is first installed, but that's it.) In
addition to that, TSOL employs the familiar concepts of users, groups
and permissions (the discretionary security stuff).

Regular Solaris has no concept of labels. It simply employs the
concepts of users, groups and permission settings.

> On the issue of Accountability (auditing)
>
> 1. Can Unix machines using only the syslogd facility meet 'C2'
> or higher?


Not sure, but I doubt it. I think you need to log more detail than
syslog offers. (We need a syslog expert for this one.)

> 2. Does Trusted Solaris offer any system resource advantage
> (CPU and Disk utilization) over Solaris using BSM when
> the need for accountability requires 'C2' level of logging?


Not that I've seen.
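As an added illustration of the label-versus-permissions distinction in grog's reply (example code written for this archive, not from Sun or any Trusted Solaris source): a toy Python model in which a file is reachable only when the label policy and the ordinary permission bits both agree, whereas regular Solaris consults the permission bits alone. The mandatory rule is an assumption for the example (read allowed when the subject's label dominates the file's, write only at an equal label), the security manager's exceptions are a constructed table, and all users, labels and files are made-up sample data.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Label:
    """Sensitivity label: classification level plus a set of compartments."""
    level: int
    compartments: frozenset = frozenset()

    def dominates(self, other):
        return self.level >= other.level and self.compartments >= other.compartments

@dataclass(frozen=True)
class Subject:          # a process acting on behalf of a user
    name: str
    uid: int
    gids: frozenset
    label: Label

@dataclass(frozen=True)
class File:
    owner: int
    group: int
    mode: int           # ordinary Unix permission bits, e.g. 0o640
    label: Label

# Exceptions the "security manager" has configured; constructed sample data.
MAC_EXEMPT = {"auditor": {"read"}}

def mac_allows(s, f, op):
    """Mandatory check (assumed model): read by label dominance, write only at equal label."""
    if op in MAC_EXEMPT.get(s.name, ()):
        return True
    return s.label.dominates(f.label) if op == "read" else s.label == f.label

def dac_allows(s, f, op):
    """Discretionary check: the owner/group/other permission bits users set themselves."""
    shift = 6 if s.uid == f.owner else 3 if f.group in s.gids else 0
    return bool((f.mode >> shift) & (4 if op == "read" else 2))

def trusted_access(s, f, op):
    """Trusted Solaris style: the label policy and the permission bits must both agree."""
    return mac_allows(s, f, op) and dac_allows(s, f, op)

def plain_unix_access(s, f, op):
    """Regular Solaris: permission bits only, since labels do not exist."""
    return dac_allows(s, f, op)
```

A group-writable file that plain Unix would hand to every group member stays closed to a member holding a lower label, and an exemption granted by the security manager still cannot override the permission bits.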
William Arens

2004-02-25, 11:34 pm

Thanks for the clarification. I am starting to understand the
Trusted Solaris distinction.

About the syslog issue, it turns out that without "kernel level logging",
you cannot get the necessary auditing that is called for to meet C2.

For Solaris, turning on BSM and rebooting the server provides C2 logging,
but has the potential to consume your resources.

grog <greg@or.y> wrote in message news:<MPG.1aa10a68b3ca556598a9e2@news.alt.net>...
> In article <48f7af9b.0402201510.c73a38f@posting.google.com>,
> william_arens@emainc.com says...
>
> Trusted Solaris assigns "labels" to all the files, data, devices, users
> and processes and takes great pains to make sure that everything with
> the same label is isolated from stuff with other labels, subject to
> exceptions defined by a user called the "security manager". This is
> called mandatory security because the users have no choice in what the
> labels are or how they are managed. (Well, the security manager can
> specify all that when the OS is first installed, but that's it.) In
> addition to that, TSOL employs the familiar concepts of users, groups
> and permissions (the discretionary security stuff).
>
> Regular Solaris has no concept of labels. It simply employs the
> concepts of users, groups and permission settings.
>
>
> Not sure, but I doubt it. I think you need to log more detail than
> syslog offers. (We need a syslog expert for this one.)
>
>
> Not that I've seen.

Erlend Leganger

2004-02-26, 4:34 pm

Just FYI, I know that within NATO, you can get C2 certification by using an
evaluated version of Solaris (the latest is Solaris 8 02/02) and then set it
up according to the Security Release Notes:

http://wwws.sun.com/software/securi...ocs/SRN_1.1.pdf

This includes a lot of settings (and also BSM), but is pretty
straightforward. You are stuck with Solaris 8 though.

See http://wwws.sun.com/software/security/securitycert/ for more details.

- Erlend Leganger


jspears@tevora.com

2004-03-01, 10:34 pm

You can also install an access control product like Access Control For
Unix from CA. Properly configured, it is rated all the way up to B2.



"Erlend Leganger" <elega@remove.this.online.no> wrote in message news:<k5t%b.6711$rj4.92645@news2.e.nsc.no>...
> Just FYI, I know that within NATO, you can get C2 certification by using an
> evaluated version of Solaris (the latest is Solaris 8 02/02) and then set it
> up according to the Security Release Notes:
>
> http://wwws.sun.com/software/securi...ocs/SRN_1.1.pdf
>
> This includes a lot of settings (and also BSM), but is pretty
> straightforward. You are stuck with Solaris 8 though.
>
> See http://wwws.sun.com/software/security/securitycert/ for more details.
>
> - Erlend Leganger


Copyright 2003 - 2008 webservertalk.com