[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Release: KNOPPIX5.1.1 for Trusted Compuintg Geeks (v1.0)

 >>From: Andrew Sackville-West <andrew@farwestbilliards.com>
 >>Subject: Re: Release: KNOPPIX5.1.1 for Trusted Compuintg Geeks (v1.0)
 >>On Tue, Feb 19, 2008 at 11:37:17AM +0900, Kuniyasu Suzaki wrote:
 >>>  >>From: Andrew Sackville-West <andrew@farwestbilliards.com>
 >>>  >>How does the system behave when the authentication server is down? How do you deal
 >>>  >>with a compromised authentication server? 
 >>> Client takes vulnerability check only. There is no action on the client.
 >>I presume that the client exchanges some information with the
 >>server. What happens when that server is compromised and sends
 >>compromised information? 

The server check Platform Manifest and RunTime Manifest.
Platform Manifest includes the boot record and RunTime Manifest
includes the log of executed applications on Linux-IMA.
If the manifests don't match, the server returns error.


The database on the server is updated by DSA:Debian Security Advisory.


 >>ps. thanks for continuing to answer these question.

Reply to: