From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me X-Spam-Level: X-Spam-Status: No, score=-1.1 required=5.0 tests=BAYES_00, PP_MIME_FAKE_ASCII_TEXT autolearn=no autolearn_force=no version=3.4.4 X-Google-Thread: 103376,a0833bbed8752e1f X-Google-Attributes: gid103376,public X-Google-Language: ENGLISH,ASCII Path: g2news1.google.com!news1.google.com!news.glorb.com!wns14feed!worldnet.att.net!204.71.34.3!newsfeed.cwix.com!news.binc.net!kilgallen From: Kilgallen@SpamCop.net (Larry Kilgallen) Newsgroups: comp.lang.ada Subject: Re: variable length strings Date: 28 Oct 2004 05:31:06 -0500 Organization: Berbee Information Networks Corporation Message-ID: References: <1861614.TWv5A9FgVL@linux1.krischik.com> <4178e979_1@baen1673807.greenlnk.net> <1195374.UMjBCk7lO1@linux1.krischik.com> <1154613.ipZcUgduzp@linux1.krischik.com> <1174011.lJ1dcgRM3Q@linux1.krischik.com> <1098814048.280053@master.nyc.kbcfp.com> In article , Jacob Sparre Andersen writes: > Larry Kilgallen wrote: >> In article , Jacob Sparre Andersen >> writes: > >> > Please distinguish between security (unauthorized access) and >> > denial-of-service. >> >> Since the time of the Orange Book, security has long been divided >> into three segments in discussions: >> >> Confidentiality >> Integrity >> Availability >> >> Denial-of-service issues clearly fall under Availability. >> Unauthorized access is just a tiny part of Confidentiality. > > I stand corrected, apologise to Pascal, and go to the library to have > a look at the �Orange Book� (what's its real title?). Reverse engineering "TCSEC", I believe it is "Trusted Computer Security Evaluation Criteria". But I did not promise those exact words are in the Orange Book, just that the _timing_ of that terminology matched that of the Orange Book :-) While those words were widely used at the time, NSA employees might have felt it inappropriate to use three terms with that acronym. But it was the way the rest of us remembered them.