jtd@wdl1.UUCP (Jeffrey T. DeMello) (11/11/87)
Is there any info/interest/experience out there in the DB world about Multi-Level secure databases? Has anyone out there read proceedings/attended the National Computer Security Center Invitational Workshop on Database Security. Has anyone out there made interpretations to the DoD "Orange Book" as applied to DB's Jeff DeMello jtd@ford-wdl1.arpa
anderson@aero.ARPA (Tom Anderson) (11/15/87)
In article <3560003@wdl1.UUCP> jtd@wdl1.UUCP (Jeffrey T. DeMello) writes: >Is there any info/interest/experience out there in the DB world about >Multi-Level secure databases? > >Has anyone out there read proceedings/attended the National Computer >Security Center Invitational Workshop on Database Security. > >Has anyone out there made interpretations to the DoD "Orange Book" >as applied to DB's > >Jeff DeMello >jtd@ford-wdl1.arpa yes, there is a group actively working on the TDI (Trusted DBMS Interpretations) to the DoD "Orange Book. The NCSC workshop was the initial step, leading to a smaller working group preparing the TDI. Several papers in the Invitational Workshop attempted to provide direction for the intended TDI. (I believe that you can request a copy by contacting Office of Standards and Products, ATTN: Chief Computer Security Standards DoD Computer Security Center Fort Meade, Maryland 20755) A schedule for release of the TDI is not firm, i.e., the schedule for completion and other decisions will affect the timing of the release. The only truth is that the document is not currently available for release. (I was at the workshop, and am on the working group) anderson@aerospace