hp-uxsecuritywhitepaper (edited revision), content summary:

Cryptographic Functions Provided in Each Version of the CSP
Certificate Library (CL)
Worldwide Import/Export Control Considerations
Availability
Availability of CDSA/CSSM
Availability of the CSPs
Conclusion
Applicable Reference Documents and Standards
APPENDIX B. UNDERSTANDING THE RISK OF VIRUSES ON HP-UX SYSTEMS

HP-UX Security White Paper

OS Security Concepts

Every technical field has its own vocabulary and set of baseline concepts. This section defines the terms used in this paper. As much as possible, these concepts, terms, and definitions have been derived from widely relied-upon references. An understanding of these terms and concepts is required before a presentation of HP-UX security features. The HP-UX implementation of these security concepts is described in Section 3.

Identification and Authentication

Identification refers to the naming of each user on the system.
Secure systems require that each user has his/her own unique identification. In UNIX, this is an eight character maximum user name and corresponding numeric userid. Authentication refers to the proof that the user is who he/she says he/she is. This is usually done through a password that is known only to the user, although other, stronger mechanisms exist, such as two-factor authentication, in which a token (smartcard) is used along with a PIN. Smartcard authentication requires the user both to have the smartcard and to know the PIN in order to access the system.

The strength of an authentication system is frequently an issue with trusted systems. Password length and complexity are figures of merit for a cracker-resistant password. Features such as password lifetime controls force users to change their passwords periodically. Because the divulging of a password allows access to the system, password and user account management are often focus areas for security administrators.

Authorization

The authorization mechanism in a system grants privileges to individual users. In the UNIX operating system, authorization is divided into two user classes: root users (also known as superusers), who have authorization to do almost anything to the system including bypassing security controls, and regular users, who have no privileges other than ordinary access to programs and data. Root users have authorization to administer the system, perform backups, and bypass security controls. Fine-grained authorization that separates an all-powerful root user's power into separate authorizations goes by many names: administrative roles, least privilege, etc. In general, UNIX systems do not support these kinds of authorization models. ServiceControl Manager provides administrative roles capability on HP-UX servers.

Access Control

A system's access control mechanism mediates user access of system resources (files, printers, programs, etc.).
UNIX access controls take the form of two mechanisms: standard UNIX file permissions (read, write, execute granted on a user, group, other basis) and Access Control Lists. Access Control Lists are file-specific (that is, each file will have an ACL) and mediate that file's access to a finer granularity than standard UNIX permission bits. ACLs grant read, write, and/or execute permissions to a specified list of users. ACLs can also specify a group of users who specifically don't have access rights to the file.

Audit / Accountability

The audit system can be configured to log the actions that root and ordinary users perform on the system. In the most extreme case, all security-relevant events are logged. The performance overhead of this extreme auditing may be impractical, so usually only events that are particularly relevant to the server's application or the customer's business environment are logged.

Object Reuse

For a system to be secure, it must guarantee that a newly created object (memory buffer, file, etc.) does not contain information "left over" from the last time it was used. The 'object reuse' requirement of a secure system simply states that all user-accessible resources are initially cleared or otherwise initialized so that no lingering information can be extracted from them.

Intrusion Resistance

An operating system, even with all the best security features, still must be designed and implemented to resist intrusions. In fact, intrusion resistance may be the most significant security challenge facing operating system development, because intrusions result from defects or weaknesses in the operating system outside of the actual security mechanisms designed into it. Specific vulnerabilities in UNIX systems over the years include:

• Poor programming practices in privile…
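The object reuse requirement described above, shown as an added example that is not part of the white paper: a constructed buffer pool (all names hypothetical) in which one allocation path recycles a slot as the previous owner left it and the other clears it before the next owner sees it.

```c
#include <stdio.h>
#include <string.h>

/* Constructed fixed-size pool standing in for any recycled object
   (memory buffer, disk block). All names are hypothetical. */
#define SLOT_SIZE 64
#define SLOT_COUNT 4
static unsigned char pool[SLOT_COUNT][SLOT_SIZE];
static int in_use[SLOT_COUNT];

/* Weak: hand out a free slot exactly as the previous owner left it. */
static unsigned char *slot_alloc_raw(void) {
    for (int i = 0; i < SLOT_COUNT; i++)
        if (!in_use[i]) { in_use[i] = 1; return pool[i]; }
    return NULL; /* pool exhausted */
}

/* Object-reuse safe: clear the slot before the new owner sees it. */
static unsigned char *slot_alloc(void) {
    unsigned char *p = slot_alloc_raw();
    if (p != NULL) memset(p, 0, SLOT_SIZE);
    return p;
}

/* Release a slot; contents stay in place, so safety rests on allocation. */
static void slot_free(unsigned char *p) {
    for (int i = 0; i < SLOT_COUNT; i++)
        if (pool[i] == p) in_use[i] = 0;
}

/* First owner stores a secret and releases the slot; a second owner then
   allocates. Returns how many leading secret bytes the second owner reads. */
static size_t reuse_scenario(int clear_on_alloc) {
    const char *secret = "user1:s3cret-passphrase"; /* constructed sample */
    size_t len = strlen(secret), n = 0;
    unsigned char *a = slot_alloc();
    if (a == NULL) return 0;
    memcpy(a, secret, len);
    slot_free(a);
    unsigned char *b = clear_on_alloc ? slot_alloc() : slot_alloc_raw();
    if (b == NULL) return 0;
    while (n < len && b[n] == (unsigned char)secret[n]) n++;
    slot_free(b);
    return n;
}

int main(void) {
    printf("reuse without clearing: %zu secret bytes readable\n", reuse_scenario(0));
    printf("reuse with clearing:    %zu secret bytes readable\n", reuse_scenario(1));
    return 0;
}
```

Clearing on allocation rather than on release means the guarantee holds even when a previous owner exits abnormally and never runs its own cleanup.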