After nearly two years of planning, the new UK Government Security Classification system comes into operation this month. This will probably be accompanied by some articles from the doomsday brigade suggesting forecasting chaos and uncertainty; there are undoubtedly rough edges, but it’s important not to lose sight of the bigger cultural change at play…
One of the challenges with a general purpose operating system, it that it is general purpose! It is designed to provide the application developer with a tool set to build their application. When building an application used to enforce security, this is a real challenge.
The Data Diode technical model to achieve a one way network connection is relatively simple. However when you start to consider trust and assurance, it gets more complex.
In the announcement I am quoted as saying:
Continue reading “Common Criteria Certification for Nexor Sentinel”