SEC: object security (fwd)

Mike Prince mprince@crl.com
Tue, 1 Nov 1994 12:45:46 -0800 (PST)


Please forgive me if you have already recieved this.  We are having some 
mailer problems.

Mike

---------- Forwarded message ----------
Date: Tue, 1 Nov 94 1:57:51 MET
From: Francois-Rene Rideau <rideau@clipper.ens.fr>
To: Mike Prince <mprince@crl.com>
Cc: TUNES is a Useful <tunes@ens.fr>
Subject: Re: SEC: object security

> In my version binaries cannot forge anything.  Because there's no such 
> thing distributed, only our LLL which has it's final compile tightly 
> controlled.
That's also how I replied to Chris

> Another issue to consider is that of transport between 
> machines.  I send an agent with a bunch of "secure data" including access 
> code to get back into my system to a remote computer.  It's hijacked 
> (bitjacked?), return codes stolen, data compromised, and "returned" to 
> its sender, you.  That's the kind of security I'm worried about.  
> Problems that arise in a distributed environment.  How do we solve those 
> problems (besides the obvious answers).
*That's* much more problematic.
If you do not trust a line, you should introduce encryption to secure it;
but it will make things slower.
As I already stated, we need maintain inter-host trust level, which
should measure host and line security and reliability (i.e. chances of
failure; chances of piracy); various checking should be done according to
this trust level.