[comp.windows.ms.programmer] NT kernel getting B2 or C2

randall@Virginia.EDU (Randall Atkinson) (06/03/91)

In article <72705@microsoft.UUCP> alistair@microsoft.COM (Alistair BANKS) writes:

[Regarding the use of Microsoft's "NT" kernel to build OS/2 3.x & Windows32]

>I was careful to say that NT, the kernel, was designed for B2, but with
>32-bit Windows subsystem would be C2. NT with another subsystem
>could get B2 certification, but a B2 Win32 subsystem would result
>in a very unusable system. B2 would defy today's Clipboard, DDE, OLE, Drag
>& Drop and other features. Users like these features in a PC operating
>system!

  I would be very surprised if NT+Win32 would qualify for even a C2
system.  Current versions of MSDOS are D systems.  

  To qualify for C2, there would have to be real discretionary access
control mechanisms built into the OS (including the file system);
there are none such in MSDOS or even in Windows 3.0.  Even OS/2 is a D
system -- again for lack of discretionary access controls (in the file
system and elsewhere).  One real fundamental change would be that the
system would have to be a real MULTIUSER system, unlike any released
or announced version of MSDOS or OS/2.

  It is important to keep in mind that only SYSTEMS (both hardware and
software together) can be evaluated for TCSEC compliance.  It is not
meaningful to talk about a "B2 kernel" and I wish that folks wouldn't.
Although I believe that Alistair was well-intentioned in his posting,
many vendors talk about the rating that their OS or system "would get",
but very few actually get it certified.  "Might be"s aren't useful to
folks interested in trustworthy systems -- only actual ratings are.

  This has rather little to do with MS-Windows programming anymore, so
followups are redirected to alt.security.