On Monday 12 September 2005 14:38, Dustin Kirkland wrote:
<snip>
. Perhaps after this patch is integrated, the binary record to-do
sounds interesting to me...
:-Dustin
So we have talked about this in the past and it was indeed slated for EAL4,
but was dropped in favor of plaintext. This is a good place to start,
http://www-aix.informatik.uni-tuebingen.de/doc_link/en_US/a_doc_lib/aixpr...
I'm partial to using XDR as it's already in the kernel (net/sunrpc/xdr.c) and
addresses, by design, some of the nasty issues that surface when using a
binary record format (i.e., 32-bit vs. 64-bit).
We're also going to want to converge on a set of standard tokens and some
have suggested we go with the BSM (Basic Security Module) set of audit
tokens. Here's a good paper on this subject,
http://72.14.207.104/search?q=cache:wXnO2bVvxiMJ:dependability.cs.virgini...
(Looks like the original PDF was removed)
And it's worth checking out the TrustedBSD implementation...
http://fxr.watson.org/fxr/source/bsm/?v=TRUSTEDBSD-AUDIT3
-tim
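
To illustrate the XDR point in the message above, here is an added example (not code from this thread, and not the kernel's net/sunrpc/xdr.c) that encodes an audit record using XDR rules: big-endian 4-byte units, 64-bit hyper, and length-prefixed strings padded to a multiple of 4. The record layout and all names (struct audit_rec, audit_rec_encode, the field set) are hypothetical.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

/* Hypothetical audit record; the fields are assumptions for this example. */
struct audit_rec {
    uint32_t    type;    /* record type */
    uint64_t    serial;  /* event serial number */
    int32_t     result;  /* syscall return value */
    const char *comm;    /* NUL-terminated command name */
};

/* XDR unsigned int: always 4 bytes, most significant byte first. */
static size_t xdr_put_u32(uint8_t *p, uint32_t v)
{
    p[0] = (uint8_t)(v >> 24); p[1] = (uint8_t)(v >> 16);
    p[2] = (uint8_t)(v >> 8);  p[3] = (uint8_t)v;
    return 4;
}

/* XDR hyper: always 8 bytes, regardless of the host's sizeof(long). */
static size_t xdr_put_u64(uint8_t *p, uint64_t v)
{
    xdr_put_u32(p, (uint32_t)(v >> 32));
    xdr_put_u32(p + 4, (uint32_t)v);
    return 8;
}

/* XDR string: 4-byte length, the bytes, zero padding to a 4-byte multiple. */
static size_t xdr_put_string(uint8_t *p, const char *s, uint32_t len)
{
    size_t padded = ((size_t)len + 3u) & ~(size_t)3u;
    xdr_put_u32(p, len);
    memset(p + 4, 0, padded);
    memcpy(p + 4, s, len);
    return 4 + padded;
}

/* Encode r into buf; returns bytes written, or 0 if buf is too small. */
size_t audit_rec_encode(const struct audit_rec *r, uint8_t *buf, size_t cap)
{
    uint32_t len = (uint32_t)strlen(r->comm);
    size_t need = 4 + 8 + 4 + 4 + (((size_t)len + 3u) & ~(size_t)3u);
    size_t off = 0;
    if (need > cap)
        return 0;
    off += xdr_put_u32(buf + off, r->type);
    off += xdr_put_u64(buf + off, r->serial);
    off += xdr_put_u32(buf + off, (uint32_t)r->result);
    off += xdr_put_string(buf + off, r->comm, len);
    return off;
}
```

Because every field is written byte by byte at a fixed width, the encoded record is identical whether the producer is a 32-bit or a 64-bit build, which is not true of writing the in-memory struct directly.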