Talk:Cross-domain solution

Computer Security: Computing Low‑importance

This article is within the scope of WikiProject Computer Security, a collaborative effort to improve the coverage of computer security on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.Computer SecurityWikipedia:WikiProject Computer SecurityTemplate:WikiProject Computer SecurityComputer Security articles

Low

This article has been rated as Low-importance on the project's importance scale.

This article is supported by WikiProject Computing.

Things you can help WikiProject Computer Security with:

Article alerts will be generated shortly by AAlertBot. Please allow some days for processing. More information...

Answer question about Same-origin_policy
Review importance and quality of existing articles
Identify categories related to Computer Security
Tag related articles
Identify articles for creation (see also: Article requests)
Identify articles for improvement
Create the Project Navigation Box including lists of adopted articles, requested articles, reviewed articles, etc.
Find editors who have shown interest in this subject and ask them to take a look here.

I would question the bias in this article. While I personally agree with some of the statements, things like this:

"a disturbing shift" "A shift of responsibility for certification and accreditation from agencies without conflict of interest to agencies responsible for both security and cost is not helpful at reducing receptiveness to more subjective flexibility."

"Those familiar with high strength technologies (that are sometimes less costly by the way) are more apt to be skeptical about the subversion resistance of less formal CDS."

seem to be written by someone with a personal bias towards one type type of CDS over another.

147.160.136.10 (talk) 13:50, 23 May 2008 (UTC)[reply]

Article lacks relevant citations, appears to be original research[edit]

This article doesn't cite most of its claims, and adopts a pretty strong point of view against cross-domain. In addition, I'd disagree with some of the factual commentary, e.g.:

"CDS is distinct from the more rigorous approaches because it supports transfer that would otherwise be precluded by established models of computer/network/data security (e.g. Bell-La Padula and Clark-Wilson)."

"CDS development, assessment, and deployment are based on risk management."

Cross-domain solutions can implement the Bell-La Padula model, and are sometimes based on formal methods, not on risk management.

I'll add an "original research" tag. The author of the article, User:JA.Davidson is very knowledgeable in the field, but other points of view would be helpful too. This is an important topic in computer security, so I hope the article can be improved. —Preceding unsigned comment added by SyntaxPolice (talk • contribs) 15:52, 22 October 2009 (UTC)[reply]

..Re: I'd disagree with some of the factual commentary, e.g.: I would like to understand your point of disagreement. John (talk) 19:31, 15 March 2013 (UTC)[reply]

What are the more rigorous approaches?[edit]

I think it is appropriate to have a page on CDS. I thank the original author for his contributions. But I have some questions.

Is there an intention to distinguish between "more rigorous" and "high assurance"? If a CDS is implemented with a "High Assurance Guard", would it be described as rigorous? Perhaps a multilevel secure operating (MLSOS) system is a more rigorous approach. But MLSOS can be the basis for a CDS.

BLP or Biba (Biba probably more relevant than Clark & Wilson) do not preclude CDS. They model what a CDS needs to do for the overall system to be secure. In BLP, a subject at one security level is not permitted to "write down", for example. Consider a CDS about to transfer an Unclassified document from a Secret network to an Unclassified network. It will be required to make some checks to confirm that the document is Unclassified. This may involve human review, signature checking, or other processes. But after those processes complete successfully, the CDS "subject" is now considered to be at the Unclassified level, and hence permitted to write the document to the Unclassified network.

In Clark & Wilson, a C5 transaction can proceed if a UDI (unconstrained, possibly high content) is converted to a CDI constrained data item which is constrained to have only low content. Again, the CDS is performing exactly what the model describes.

John Y (talk) 00:36, 25 September 2015 (UTC)[reply]

External links modified[edit]

Hello fellow Wikipedians,

I have just added archive links to one external link on Cross-domain solution. Please take a moment to review my edit. If necessary, add {{cbignore}} after the link to keep me from modifying it. Alternatively, you can add {{nobots|deny=InternetArchiveBot}} to keep me off the page altogether. I made the following changes:

Added archive https://web.archive.org/20120129215319/http://www.embvue.com/isis.php to http://www.embvue.com/isis.php

When you have finished reviewing my changes, please set the checked parameter below to true to let others know.

This message was posted before February 2018. After February 2018, "External links modified" talk page sections are no longer generated or monitored by InternetArchiveBot. No special action is required regarding these talk page notices, other than regular verification using the archive tool instructions below. Editors have permission to delete these "External links modified" talk page sections if they want to de-clutter talk pages, but see the RfC before doing mass systematic removals. This message is updated dynamically through the template {{source check}} (last update: 18 January 2022).

If you have discovered URLs which were erroneously considered dead by the bot, you can report them with this tool.
If you found an error with any archives or the URLs themselves, you can fix them with this tool.

Cheers.—^{cyberbot II}_{Talk to my owner:Online} 13:28, 19 February 2016 (UTC)[reply]

External links modified[edit]

Hello fellow Wikipedians,

I have just modified one external link on Cross-domain solution. Please take a moment to review my edit. If you have any questions, or need the bot to ignore the links, or the page altogether, please visit this simple FaQ for additional information. I made the following changes:

Added archive https://web.archive.org/web/20080326230421/http://iase.disa.mil/cds/ to http://iase.disa.mil/cds/

When you have finished reviewing my changes, you may follow the instructions on the template below to fix any issues with the URLs.

This message was posted before February 2018. After February 2018, "External links modified" talk page sections are no longer generated or monitored by InternetArchiveBot. No special action is required regarding these talk page notices, other than regular verification using the archive tool instructions below. Editors have permission to delete these "External links modified" talk page sections if they want to de-clutter talk pages, but see the RfC before doing mass systematic removals. This message is updated dynamically through the template {{source check}} (last update: 18 January 2022).

If you have discovered URLs which were erroneously considered dead by the bot, you can report them with this tool.
If you found an error with any archives or the URLs themselves, you can fix them with this tool.

Cheers.—InternetArchiveBot (Report bug) 20:38, 14 August 2017 (UTC)[reply]