| Digital UNIX | ||
|---|---|---|
| Prev | Chapter 11. Security | Next |
Digital UNIX Version 4.0 supports the some features not available in other OSF-based UNIX operating systems.
All security mechanisms that run on the Digital UNIX Version 4.0 operating system run under the Security Integration Architecture (SIA) layer. The SIA allows you to layer various local and distributed security authentication mechanisms onto Digital UNIX Version 4.0 with no modification to the security-sensitive Digital UNIX Version 4.0 commands, such as login, su, and passwd. The SIA isolates the security-sensitive commands from the specific security mechanisms, thus eliminating the need to modify them for each new security mechanism.
See the Security manual for further details.
Through the use of a middle-layer interface, the Security Integration Architecture (SIA), Digital UNIX Version 4.0 allows use of the secsetup command to toggle back and forth between the secure and the nonsecure commands and utilities.
Digital provides support for accessing NIS distributed databases while running enhanced security.
Users on a Digital UNIX Version 4.0 enhanced security system can, for example, use the ypcat passwd command to gather information about users on the network; however, the user's encrypted password in the NIS distributed password database is not the same as the encrypted password on the secure system which cannot be viewed by unprivileged users.
In addition, on a Digital UNIX Version 4.0 system running enhanced security, NIS can be used to distribute the enhanced security protected password database as well.
The SIA interface provides support for Digital's networking software, DECnet.
Through the SIA, Digital UNIX Version 4.0, when configured for enhanced security, allows you to enter both your system password and your DCE password at login time. You do not have to log in to the Digital UNIX Version 4.0 secure system and then log in again to DCE.
Digital UNIX Version 4.0 supports the secsetup configuration and setup script which allows you to select the security level you wish to run, permits you to toggle back and forth between secure and nonsecure commands and utilities, and configures security at boot time depending upon the value of the SECURITY variable in the /etc/rc.config file.
Digital UNIX Version 4.0 provides the dxaccounts, dxaudit, and dxdevices utilities that permit the creation and modification of user accounts, modification of system defaults, and all of the audit interfaces and devices.
| Prev | Home | Next |
| C2 Functionality and TCSEC | Up | Performance |