An interesting "new" computer security problem
Peter Gutmann
pgut001 at cs.auckland.ac.nz
Sat Sep 25 01:03:03 EDT 2004
A few days ago I was chatting with some people working on a government IT
project who had a rather complex security problem that they needed help with.
They have a large number of users with Windows dumb terminals (think Xterms
but for Windows) connected to a central ASP server, which runs various
mutually untrusted apps from different vendors. Their problem was that they
needed a means of securing the individual apps from each other.
I told them that they were in luck, and this exact problem had already been
addressed before. I'd drop off the detailed technical specs for the solution
when I next saw them, they could recognise it by its bright orange cover.
Peter.
(Actually it wasn't quite that simple and easily solveable: The ASP server is
untrusted as well, it just acts as a middleman for back-ends located at
various locations, and only the back-ends are trusted. I figured giving them
the Orange Book would be easier than trying to explain that they had an
unsolveable problem on their hands).
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list