<div>Ashraf --</div>
<div> </div>
<div>Thanks for that snippet, and for pointing me to that page. I went back and re-read it (I didn't have anything highlighted on that page......so I either didn't understand it, took it for granted, or ???). This book is filled with soooo much information, I probably need to read it 3-4 times to get it all.</div>
<div> </div>
<div>All clear now.</div>
<div> </div>
<div>Many thanks,<br><br></div>
<div class="gmail_quote">On Sun, Jun 28, 2009 at 6:46 AM, Ashraf Amin <span dir="ltr"><<a href="mailto:ashraf_amin01@hotmail.com">ashraf_amin01@hotmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="PADDING-LEFT: 1ex; MARGIN: 0px 0px 0px 0.8ex; BORDER-LEFT: #ccc 1px solid">
<div><font size="2"><font face="Giovanni-Book" size="2"><font face="Giovanni-Book" size="2">
<blockquote dir="ltr" style="MARGIN-RIGHT: 0px">
<p align="left"> </p>
<p align="left">Shon Harris, Fourth Edition page 345</p>
<p align="left">" Let’s say that Tom and Kathy are both working on a multilevel mainframe at the</p>
<p align="left">same time. Tom has the security clearance of secret and Kathy has the security clearance</p>
<p align="left">of top secret. Since this is a central mainframe, the terminal Tom is working at has the</p>
<p align="left">context of secret, and Kathy is working at her own terminal, which has a context of top</p>
<p align="left">secret. This model states that nothing Kathy does at her terminal should directly or indirectly</p>
<p align="left">affect Tom’s domain (available resources and working environment). So whatever</p>
<p align="left">commands she executes or whichever resources she interacts with should not affect</p>Tom’s experience of working with the mainframe in any way."<br> <br>HTP :)<br>Besr Regards,<br>Ashraf Amin<br></blockquote>
</font></font><br><br> <br><br><br><br><br></font><br><br><br> <br>
<hr>
Date: Sun, 28 Jun 2009 06:34:16 -0400
<div>
<div></div>
<div class="h5"><br>From: <a href="mailto:belinda.foster@gmail.com" target="_blank">belinda.foster@gmail.com</a><br>To: <a href="mailto:cisspstudy@cccure.org" target="_blank">cisspstudy@cccure.org</a><br>Subject: Re: [Cisspstudy] Security Models<br>
<br>
<div>Ashraf and Nicolas --</div>
<div> </div>
<div>I am totally lost........Would the Noninterference Model allow Don to work on the same production code that the staff is currently using, and the staff wouldn't be affected by his changes?</div>
<div> </div>
<div>Please help me understand.</div>
<div> </div>
<div>Thanks,<br><br></div>
<div>On Sun, Jun 28, 2009 at 12:56 AM, Ashraf Amin <span dir="ltr"><<a href="mailto:ashraf_amin01@hotmail.com" target="_blank">ashraf_amin01@hotmail.com</a>></span> wrote:<br>
<blockquote style="PADDING-LEFT: 1ex; BORDER-LEFT: #ccc 1px solid">
<div>
<blockquote dir="ltr" style="MARGIN-RIGHT: 0px"><font color="#000000">Noninterference</font><br><br>---<br>Best Regards,<br>Ashraf Amin<font size="2"><br><br><br> <br><br><br><br><br></font></blockquote><br><br><br> <br>
<hr>
Date: Fri, 26 Jun 2009 08:21:29 -0400<br>From: <a href="mailto:belinda.foster@gmail.com" target="_blank">belinda.foster@gmail.com</a><br>To: <a href="mailto:cisspstudy@cccure.org" target="_blank">cisspstudy@cccure.org</a><br>
Subject: Re: [Cisspstudy] Security Models
<div>
<div></div>
<div><br><br>
<div>Nimal --</div>
<div> </div>
<div>Don should not be developing/working on code that's in production. Period. If I had to decide on a certain security model, I'd fail this question for sure because him working on code that staff members are affected by is a MAJOR distractor within this paragraph.</div>
<div> </div>
<div>Belinda.<br><br></div>
<div>On Thu, Jun 25, 2009 at 5:10 PM, Nimal Gunarathna <span dir="ltr"><<a href="mailto:ng949@yahoo.com" target="_blank">ng949@yahoo.com</a>></span> wrote:<br>
<blockquote style="PADDING-LEFT: 1ex; BORDER-LEFT: #ccc 1px solid">
<table cellspacing="0" cellpadding="0" border="0">
<tbody>
<tr>
<td valign="top">
<div>Hi,</div>
<div> </div>
<div>This question is from <span>Shon</span> H's CISSP V4 Quiz Engine. I <span>immediatly</span> thought that this fall</div>
<div>into a certain security model based on a key statement here but I was wrong. Anyway you guys could dissect this ... </div>
<div> </div>
<div><font face="Arial" size="2">Don is a senior manager of an architectural firm. He has just found out that a key contract was renewed, allowing the company to continue developing an operating system that was idle for several months. Excited to get started, Don begins work in the operating system privately, but cannot tell his staff until the news is announced publicly in a few days. However, as Don begins making changes in the software, various staff members notice changes in their connected systems, even though they work in a lower-security level. What kind of model could be used to ensure this does not happen?</font></div>
<a href="mailto:cisspstudy@cccure.org" target="_blank"></a></td></tr></tbody></table><br>_______________________________________________<br>cisspstudy mailing list<br><a href="mailto:cisspstudy@cccure.org" target="_blank">cisspstudy@cccure.org</a><br>
<a href="http://cccure.org/mailman/listinfo/cisspstudy_cccure.org" target="_blank">http://cccure.org/mailman/listinfo/cisspstudy_cccure.org</a><br><br></blockquote></div><br><br></div></div>
<div>
<hr>
Upgrade to Internet Explorer 8 Optimised for MSN. <a href="http://extras.uk.msn.com/internet-explorer-8/?ocid=T010MSN07A0716U" target="_blank">Download Now</a></div></div><br>_______________________________________________<br>
cisspstudy mailing list<br><a href="mailto:cisspstudy@cccure.org" target="_blank">cisspstudy@cccure.org</a><br><a href="http://cccure.org/mailman/listinfo/cisspstudy_cccure.org" target="_blank">http://cccure.org/mailman/listinfo/cisspstudy_cccure.org</a><br>
<br></blockquote></div><br><br></div></div>
<hr>
View your Twitter and Flickr updates from one place – <a href="http://clk.atdmt.com/UKM/go/137984870/direct/01/" target="_blank">Learn more!</a></div><br>_______________________________________________<br>cisspstudy mailing list<br>
<a href="mailto:cisspstudy@cccure.org">cisspstudy@cccure.org</a><br><a href="http://cccure.org/mailman/listinfo/cisspstudy_cccure.org" target="_blank">http://cccure.org/mailman/listinfo/cisspstudy_cccure.org</a><br><br></blockquote>
</div><br>