[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: New development



On Monday ١٢ September ٢٠٠٥ ١٤:٣٨, Dustin Kirkland wrote:

<snip>

>.  Perhaps after this patch is integrated, the binary record to-do
> sounds interesting to me...
> 
> 
> 
> :-Dustin
> 

So we have talked about this in the past and it was indeed slated for EAL٤, but was dropped in
favor of plaintext.  This is a good place to start,

http://www-aix.informatik.uni-tuebingen.de/doc_link/en_US/a_doc_lib/aixprggd/progcomc/ch٤_xdr.htm

I'm partial to using XDR as it's already in the kernel (net/sunrpc/xdr.c) and addresses, by design,
some of the nasty issues that surface when using a binary record format (ie: ٣٢-bit vs. ٦٤-bit).

We're also going to want to converge on a set of standard tokens and some have suggested we
go with the (Basic Security Module) BSM set of audit tokens.  Here's a good paper here on this
subject,

http://٧٢.١٤.٢٠٧.١٠٤/search?q=cache:wXnO٢bVvxiMJ:dependability.cs.virginia.edu/bibliography/١٩٠٧٠٠٠١.pdf+Better+Logging+Through+Formality&hl=en
(Looks like the original PDF was removed)

And it's worth checking out the TrustedBSD implementation... 

http://fxr.watson.org/fxr/source/bsm/?v=TRUSTEDBSD-AUDIT٣

-tim


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]