<html>
<head>
</head>
<body DEFANGED_style="margin-top: 4px; margin-bottom: 1px; margin-right: 4px; margin-left: 4px">
<DIV> First cut - work in progress.
</DIV>
<DIV> </DIV>
<DIV>Attached are different formatted versions of the outline I started after our last call.
</DIV>
<DIV> </DIV>
<DIV>Don't be put off by its length - I deepended a little exploring features and options that ought to be rolled up into higher level requirements.
</DIV>
<DIV> </DIV>
<DIV>For instance, while I spend too much time describing Login Policies, it might be sufficient to say "support POSIX-style password and login policies", if we can refer to them externally.
</DIV>
<DIV> </DIV>
<DIV>Similarly with Crypto - basically, we need to be able to let people say "needs FIPS 140-2 crypto algorithms and implementations", without detailing hash algorithms, etc.
</DIV>
<DIV> </DIV>
<DIV>But - you get the broad idea...
</DIV>
<DIV> </DIV>
<DIV>Outline:
</DIV>
<DIV>1) Introduction
</DIV>
<DIV>2) Definitions
</DIV>
<DIV>3) Security Objectives
</DIV>
<DIV> a) Objective Names & Descriptions
</DIV>
<DIV> b) Target System Profile Descriptions
</DIV>
<DIV> i) Database Server
</DIV>
<DIV> ii) Mid-Tier Application Server
</DIV>
<DIV> iii) Edge / Public Facing Network Services Server
</DIV>
<DIV> iv) Internal Infrastructure Server
</DIV>
<DIV> v) File / Print / Departmental / Storage Server (out of scope for DCL)
</DIV>
<DIV> c) Objectives / Target System Coverage matrix
</DIV>
<DIV>4) Functionality Table
</DIV>
<DIV>5) Assurances Table
</DIV>
<DIV>6) Appendixes<br><br>
&gt;&gt;&gt;Chris Wright &lt;chrisw@osdl.org&gt; 03/31/05 1:50 am &gt;&gt;&gt;<br>
Reminder - security SIG bi-weekly conference call<br>
Date: 3/31/05<br>
Time: 9AM to 10AM Pacific<br>
Toll-free: 1-800-211-0633<br>
Toll: 1-719-867-0485<br>
Participant code: 932475<br><br>
Note taker: TBD<br><br>
Agenda<br><br>
- CGL security spec<br>
- DCL security spec<br>
- DTL (-ish) directory style authentication<br>
- OLS BoF material<br>
- any other business<br><br>
thanks,<br>
-chris<br>
--<br>
Linux Security Modules     http://lsm.immunix.org     http://lsm.bkbits.net<br> </DIV>
</body>
</html>