
Could you illuminate me on this subject please? I am working with a potential client who may need a fairly secure web server.
Years ago, the government published some criteria for highly secure systems, notably the TCSEC or "Orange Book," which described requirements for protecting classified information on a timesharing system with uncleared users. Several vendors managed to build such systems, though very few were judged secure enough to really protect classified data from uncleared users. However, the underlying mechanisms of "mandatory access control" do manage to block a range of sophisticated attacks against the host computer. These are the systems given the various B and A ratings: B1, B2, B3, A1 (in ascending order of security). Also-ran systems that can keep honest people from tripping over one another were given "C" ratings, though "C2" is all you see any more.

A few vendors are putting Web servers and such on systems with mandatory protection. I've heard talk of it from SecureWare, HP, Harris, and AT&T using B1 or B1-like systems. Pardon the plug, but our Sidewinder also hosts a protected Web server and uses mandatory protection to prevent Internet attacks from damaging it.

In practice, I've found that most customers just want to demonstrate "due diligence" regarding security. They pick up whatever's popular in the marketplace that has some pretension of strong security ("We're C2 rated by the government!!"). It's a rare customer that actually takes the time to look at the security issues and consider whether they might need what mandatory protection provides.

Rick.
smith@sctc.com secure computing corporation