I posted a blog earlier this weekthat introduced an abstract host security metasystem and the sensor andeffector instrumentation laws, which are two components of the laws ofhost security. Today’s blog outlines the security and policy componentlaws. Symantec posted a draft proposal on an abstract host securitymetasystem and the laws of host security in order to gain discussionand suggested improvements from interested parties in the securityindustry. Symantec posted this draft to openly solicit constructivecomments and helpful suggestions for draft refinements. The intent isto reach industry consensus on an architectural framework to guidedesigners of future host security subsystems and supportinginstrumentation.
This Weblog and the blogoshpere in generalhave been abuzz with controversy over Microsoft PatchGuard and issuesdealing with appropriate kernel security instrumentation. This blogentry is the first of a two-part series. It provides an excerpt of adraft posting that proposes an abstract host security metasystem andlaws of host security that attempt to raise the level of discourseabove specific features and implementations. This blog entry willoutline the sensor and effector instrumentation laws and the secondblog entry, covering the security and policy component laws, will bepublished later this week. Symantec posted this draft to openly solicitconstructive comments and helpful suggestions for draft refinements.The intent is to reach industry consensus on an architectural frameworkto guide designers of future host security subsystems and supportinginstrumentation.
