next up previous
Next: Feustel, Mayfield: The DGSA: Up: DARPA/NSA/DISA Joint Technology Office: Previous: Network-Operating System Interaction

Risk Reduction

In the last section of the paper, the authors discuss several ways to prevent and detect intruders. A secure system needs to collect data and to offer mechanisms to analyze data about the running system. This includes logging all kind of important information. For such analysis to be trustworthy, it must be impossible for an intruder to deactivate the mechanisms or to change the collected data. Furthermore, the audit process must be easy to use and efficient. The authors also talk about the research of operating systems themselves. They argue that it is expensive and takes a long time to research new concepts of operating systems. Therefore, an infrastructure has to be created that allows early, rapid, and accurate analysis of the benefits and consequences of innovative operating system concepts.

Tim Wellhausen
2000-01-20