Re: NT's C2 rating
At 03:54 PM 3/21/96 EST, you wrote:
configuration can be certified as C2 compliant. The way I read the orange book, no system with a network connection can ever be C2. For that matter a system can't get C2 unless it is in an area where you can control and monitor physical access to the system.
This is incorrect -- you can have a C2 system which has a network connection. Indeed, you can get a B2 rating with a networked system, cf. Multics.
-derek
Well, I never argue with anyone from MIT..... But. I don't see any reason a C2 or B2 system can't be networked to another system(s) with the same classification. But that isn't really what I meant. Can you make a firewall system that is C2 compliant? Isn't this what you would need in order to connect a C2 system or network to another non-secure network (i.e. the internet)?

I do agree that there is no place in the orange book that says "thou shall not speak ethernet" but can you network a system and be able to "require that ADP systems that process, store, or use classified data and produce classified information will, with reasonable dependability, prevent deliberate or inadvertent access to classified material by unauthorized persons, and unauthorized manipulation of the computer and its associated peripheral devices." Which the orange book does say. I guess "reasonable dependability" is a pretty broad term.

Pardon a newbie here if I am being unusually obtuse, but you can't learn if you don't ask.

dwl@hnc.com
David Loysen
619-546-8877 x245