RE: I-0451: When To Use IFF/IFC And ACF/ACC
- Subject: RE: I-0451: When To Use IFF/IFC And ACF/ACC
- From: Nir Naaman <email@example.com>
- Date: Wed, 10 Mar 2004 22:57:06 +0200
- Content-transfer-encoding: 7BIT
- Content-type: text/plain; charset=us-ascii
- Importance: Normal
- In-reply-to: <404EDF74.firstname.lastname@example.org>
On Wednesday, March 10, 2004 Dr.Ir. D.J. Out wrote:
> How would I code with SFRs in a PP:
> The TOE will have a container containing data. This data may only be
> changed by user X.
> Nobody else is allowed to change, modify, cause to be changed,
> substitute, or alter this data in any way in such a way that all TOEs
> meeting this PP actually don't do this?
I'm either a party pooper or just ignorant, but isn't this crying out for a
This combination can EASILY express the requirement that the data IN the
container can't be changed, modified, altered, substituted, mangled, broken,
torn apart, whatever by anybody other than user X. Of course, user X can
create a COPY of the data that can be modified by others, but so what?
What doesn't this combination do? It doesn't guarantee that there are no bad
information flows THROUGH user x and into the container.
IFF is nifty, but outside the defense establishment, you can add:
And suddenly: ACF starts looking pretty attractive.
Or have I totally missed it?
Date Index |
Thread Index |
Problems or questions? Contact email@example.com