daveb@geac.UUCP (Brown) (09/14/87)
In article <8300004@osiris.cso.uiuc.edu> goldfain@osiris.cso.uiuc.edu writes: >IN SPITE OF RESEARCH, THE FOLLOWING ARE TENETS OF THE CURRENT WORKPLACE: >"There is no such thing as real computer security." >"There is always one more bug." These two tenets are related to each other in an interesting way: provably secure operating systems exist (so-called "A1" systems), but the proof merely demonstrates that a) An externally specified standard is met, and b) Certain insecure features have a diminishingly small bandwidth. (a) is related to the buggyness theorem by one level of indirection: there is no proof in the system that the extra-systemic security policy does not contain bugs. --dave (and I can point one out, oh orange-bookers) c-b -- David Collier-Brown. {mnetor|yetti|utgpu}!geac!daveb Geac Computers International Inc., | Computer Science loses its 350 Steelcase Road,Markham, Ontario, | memory (if not its mind) CANADA, L3R 1B3 (416) 475-0525 x3279 | every 6 months.