"Security in Multics" Review

From: Tarik Nesh-Nash (tarikn_at_microsoft.com)
Date: Wed Jan 07 2004 - 18:14:16 PST

  • Next message: Raz Mathias: "Protection and the Control of Information Sharing in Multics"

    This paper describes the security system of the Multics "OS prototype" implemented in 1973.
    I am impressed with some of these ideas and its similarity with some current security trends.
    I read the book "Writing secure Code" (ISBN: 0735617228) and many security principles discussed on the paper (the 5 design principles) are still the emphasis of this latest Microsoft publication (2002).
    It is also interesting that the idea of ACLs (Access Control Lists) existed on the 1973 and it does still exist in windows architecture today. It is mentioned that the ACLs was a tradeoff between the flexibility of engineering, ease of understanding and economy of implementation. I wonder if there were other publications on this field that provided a better (best) tradeoff to this. Is the current Windows implementation the best?
    Many open questions remain unanswered, and I would be interested to see how this project progressed (it did not end till 2000)
    A good practice is the discussion of the weaknesses. Microsoft is currently pushing to evaluate the security of all its software and makes sure to understand its weaknesses. A practice that was neglected by the company for a long time.
    I found this reading long and sometimes hard to fully understand. I would recommend that the instuctor provides some background reading or references to complete the picture. Otherwise, this is my first contact with publications reading, and I find the course methodology very rewarding and entretaining.
     
     


  • Next message: Raz Mathias: "Protection and the Control of Information Sharing in Multics"

    This archive was generated by hypermail 2.1.6 : Wed Jan 07 2004 - 18:15:39 PST