meo@Dixie.Com (Miles ONeal) (03/15/91)
Sean Eric Fagan responds to John F Haugh II: |Uhm, SecureWare got at least one of their products rated. Again, just |something I seem to recall reading somewhere (probably, again, InfoWorld, |although it might have been ComputerWorld [magazines people send to me for The news was in both of those. |free]). Wish I could remember. But I think it was a B-level. You can't SecureWare passed formal evaluation recently on a CMW (compartmented mode workstation). The CMW rating crosses several Orange Book lines - parts are at B1, parts at B2, etc. It is another beastie altogether. |blame SW or SCO for not getting the C2 product evaluated: the gov't isn't SecureWare did the work for SCO. In fact, much of SecureWare's work is for other vendors - Apple, DEC, SCO, etc. In some of these cases, SecureWare did the work under contract, which means the final product belongs to the vendor. The contracts typically do not include the costs (money or time) of getting a system evaluated. That is the responsibility of the vendor; if they wish SecureWare to produce an evaluated product, they'll ask for that. In other cases, SecureWare licensed technology to the vendor. The vendor knows whether that technology is evaluated or not, and again, it is up to them to market it appropriately. As to what SCO intends with their C2 version, I haven't the faintest idea. I haven't been involved in that work. If SecureWare were to sell products, you can be sure the products would be explicitly labelled as to whether they were simply compliant, or were evaluated. |going to rate C level products anymore, I've been told, because it's not |worth the effort! I don't know about this, one way or the other. -Miles