600.436
High-Assurance Systems
Fall 01/Introduction
5
Caveats
¨This is a new, experimental course
We literally are making it up as we go along!
¨David:
Has done evaluations in two countries under three
standards
Project lead and primary author: Guide to writing the Security Features Users Guide (part of
the rainbow series)
Technical Editor for the Federal Criteria
Current member of CORBA Security standards
committee
¨Jonathan:
Has designed and built an allegedly secure system:
EROS
Has shipped three set new bar products grossing >
$250M (lots of production reality to
check against)
These delivered on time
¨We both:
Detest process qua process
Understand some of what works in practice