HP OpenVMS Systems Documentation

Content starts here

OpenVMS Guide to System Security

Previous Contents Index

system password: A password controlling access to particular terminals. System passwords are usually necessary to control access to terminals that might be targets for unauthorized use, such as dialup and public terminal lines. After an authorized person enters the system password, a user can enter his user password. See also user password.

system user authorization file (SYSUAF.DAT): A file containing an entry for every user that the system manager authorizes to gain access to the system. Each entry identifies the user name, password, default account, user identification code (UIC), quotas, limits, and privileges assigned to individuals who use the system.

SYSUAF: See system user authorization file.

TCB: See trusted computing base.

template profile: The default set of security elements applied to new objects of a class. See also object security profile.

tied account: See captive account.

trap door: An illicit piece of software or software modification in an operating system that allows access in violation of the system's established security policy.

Trojan horse program: A program that gains access to otherwise secured areas through its pretext of serving one purpose when its real intent is far more devious and potentially damaging. When an authorized user performs an legitimate operation using a program, the unauthorized program within it (the Trojan horse) performs an unauthorized function.

trusted computing base (TCB): A combination of computer hardware and operating system software that enforces a security policy.

In OpenVMS systems, the TCB includes the entire executive and file system, all other system components that do not execute in user mode (such as device drivers, RMS, and DCL), most system programs installed with privilege, and a variety of other utilities used by system managers to maintain data relevant to the TCB.

turnkey account: See captive account.

UAF: See system user authorization file.

UIC: See user identification code.

UIC identifier: An identifier in alphanumeric format that is based on a user's identification code (UIC). Such an identifier can appear with or without brackets. See also identifier.

UIC protection code: See protection code.

user category: One of four fields in a protection code. The code defines the access rights for four categories of users: (a) the owner, (b) the users who share the same group UIC as the owner (the group category), (c) all users on the system (the world category), and (d) those with system privileges or rights (the system category). A code lists access rights in a fixed order: System, Owner, Group, World.

user identification code (UIC): A 32-bit value assigned to users that tells what group users belong to on the system and what their unique identification is within that group. Any UIC specification is enclosed in brackets, but it can be in either an alphanumeric or a numeric format. For example, the UIC [SALES,JONES] identifies Jones as a member of the Sales group. Protected objects like files also have UICs. In most cases, their UICs come from the users who created them.

user irresponsibility: Situations where the user purposely or accidentally causes some noticeable damage on a computer system.

user name: The name a user enters to log in to the system. Together with a password, the user name identifies and authenticates a person as a valid user of the system. See also password, user password.

user password: A character string recorded in a user's record in the system user authorization file. The password and the user's name must be correctly supplied when the user attempts to log in so that the user is authenticated for access to the system. The two types of user passwords are known as primary and secondary; the terms also represent the sequence in which they are entered. See also primary password, secondary password, system password.

user penetration: Situations where the user exploits defects in the system software or system administration to break through security controls to gain access to the computer system.

user probing: Situations where a user exploits insufficiently protected parts of a computer system.

virus: A command procedure or executable image written and placed on the system for the sole purpose of seeking unauthorized access to files and accounts on the system. The virus seeks access to a user file through a flaw in the file protection. If successful, the virus modifies the file so that it carries a copy of the virus. Each time an unsuspecting user executes the code that contains the virus, the virus attempts to propagate itself into other poorly protected procedures or images. The virus seeks to find its way into a procedure that will be run from a privileged account so that the virus can inflict damage to the system.

volume: A mass storage medium, such as a disk or tape, that is in ODS-2 format. Volumes contain files and may be mounted on devices.

OpenVMS security policy protects volumes from improper access. An operation can require read, write, create, delete, or control access.

world: A category of users whose access rights to an object are identified in the last field of a protection code. The world category encompasses all users or applications on the system, including system operators, system managers, and users both in the owner's group and any other group.

worm: A procedure that replicates itself over many nodes in a network, typically using default network access or known security flaws. The usual effect of a worm is severe performance degradation as replicas of the worm saturate the computing capacity and bandwidth of the network. In contrast to a virus, which spreads by modifying existing programs and executing when some user runs the program, a worm stands by itself, operates in its own process context, and initiates its own offspring.

Index Contents