BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//Talks.cam//talks.cam.ac.uk//
X-WR-CALNAME:Talks.cam
BEGIN:VEVENT
SUMMARY:Design and implementation of a CC CAPP-compliant audit subsystem f
 or the Mac OS X and FreeBSD operating systems - Robert N M Watson\, Univer
 sity of Cambridge
DTSTART:20060221T161500Z
DTEND:20060221T171500Z
UID:TALK5485@talks.cam.ac.uk
CONTACT:Saar Drimer
DESCRIPTION:Completing the Common Criteria CAPP (C2) security evaluation o
 f Apple's Mac OS X operating system required the development of a signific
 ant new operating system feature\, security event auditing. This facility 
 provides for the fine-grained\, configurable\, and reliable logging of sec
 urity events ranging from authentication events in user space to system ca
 ll access control information throughout the kernel. As the leader for the
  team that implemented Audit for Apple\, I had the opportunity to gain int
 eresting insight into the evaluation requirements and process\, as well as
  into the implementation implications of these requirements. This presenta
 tion will describe the requirements and how they have been implemented in 
 traditional UNIX systems\, as well as how some of the design decisions tha
 t make Mac OS X unique impacted the implementation of Audit. I'll also tal
 k briefly about the later port of this source code base to the open source
  FreeBSD operating system\, and the OpenBSM software package\, which provi
 des a portable implementation of the de facto industry standard BSM API an
 d file format originally developed by Sun.
LOCATION:Lecture Theatre 2\, Computer Laboratory\, William Gates Building
END:VEVENT
END:VCALENDAR