HP OpenVMS Systems Documentation
OpenVMS Guide to System Security
system password: A password controlling access to
particular terminals. System passwords are usually necessary to control
access to terminals that might be targets for unauthorized use, such as
dialup and public terminal lines. After an authorized person enters the
system password, a user can enter his user password. See also user
system user authorization file (SYSUAF.DAT): A file
containing an entry for every user that the system manager authorizes
to gain access to the system. Each entry identifies the user name,
password, default account, user identification code (UIC), quotas,
limits, and privileges assigned to individuals who use the system.
SYSUAF: See system user authorization file.
TCB: See trusted computing base.
template profile: The default set of security elements
applied to new objects of a class. See also object security
tied account: See captive account.
trap door: An illicit piece of software or software
modification in an operating system that allows access in violation of
the system's established security policy.
Trojan horse program: A program that gains access to
otherwise secured areas through its pretext of serving one purpose when
its real intent is far more devious and potentially damaging. When an
authorized user performs an legitimate operation using a program, the
unauthorized program within it (the Trojan horse) performs an
trusted computing base (TCB): A combination of computer hardware and operating system software that enforces a security policy.
In OpenVMS systems, the TCB includes the entire executive and file
system, all other system components that do not execute in user mode
(such as device drivers, RMS, and DCL), most system programs installed
with privilege, and a variety of other utilities used by system
managers to maintain data relevant to the TCB.
turnkey account: See captive account.
UAF: See system user authorization file.
UIC: See user identification code.
UIC identifier: An identifier in alphanumeric format
that is based on a user's identification code (UIC). Such an identifier
can appear with or without brackets. See also identifier.
UIC protection code: See protection code.
user category: One of four fields in a protection
code. The code defines the access rights for four categories of users:
(a) the owner, (b) the users who share the same group UIC as the owner
(the group category), (c) all users on the system (the world category),
and (d) those with system privileges or rights (the system category). A
code lists access rights in a fixed order: System, Owner, Group, World.
user identification code (UIC): A 32-bit value
assigned to users that tells what group users belong to on the system
and what their unique identification is within that group. Any UIC
specification is enclosed in brackets, but it can be in either an
alphanumeric or a numeric format. For example, the UIC [SALES,JONES]
identifies Jones as a member of the Sales group. Protected objects like
files also have UICs. In most cases, their UICs come from the users who
user irresponsibility: Situations where the user
purposely or accidentally causes some noticeable damage on a computer
user name: The name a user enters to log in to the
system. Together with a password, the user name identifies and
authenticates a person as a valid user of the system. See also
password, user password.
user password: A character string recorded in a user's
record in the system user authorization file. The password and the
user's name must be correctly supplied when the user attempts to log in
so that the user is authenticated for access to the system. The two
types of user passwords are known as primary and secondary; the terms
also represent the sequence in which they are entered. See also
primary password, secondary password, system password.
user penetration: Situations where the user exploits
defects in the system software or system administration to break
through security controls to gain access to the computer system.
user probing: Situations where a user exploits
insufficiently protected parts of a computer system.
virus: A command procedure or executable image written
and placed on the system for the sole purpose of seeking unauthorized
access to files and accounts on the system. The virus seeks access to a
user file through a flaw in the file protection. If successful, the
virus modifies the file so that it carries a copy of the virus. Each
time an unsuspecting user executes the code that contains the virus,
the virus attempts to propagate itself into other poorly protected
procedures or images. The virus seeks to find its way into a procedure
that will be run from a privileged account so that the virus can
inflict damage to the system.
volume: A mass storage medium, such as a disk or tape, that is in ODS-2 format. Volumes contain files and may be mounted on devices.
OpenVMS security policy protects volumes from improper access. An
operation can require read, write, create, delete, or control access.
world: A category of users whose access rights to an
object are identified in the last field of a protection code. The world
category encompasses all users or applications on the system, including
system operators, system managers, and users both in the owner's group
and any other group.
worm: A procedure that replicates itself over many nodes in a network, typically using default network access or known security flaws. The usual effect of a worm is severe performance degradation as replicas of the worm saturate the computing capacity and bandwidth of the network. In contrast to a virus, which spreads by modifying existing programs and executing when some user runs the program, a worm stands by itself, operates in its own process context, and initiates its own offspring.