GENERAL SECURITY CONSIDERATIONS


SECURITY OF INDIVIDUAL NODES

AREAS OF TRUSTWORTHINESS

NON-VMS NODES

	o  LOOK FOR EXPOSED PASSWORDS

	o  PASSWORD USE ACROSS MULTIPLE SYSTEMS

	o  PASSWORDS IN COMMAND FILES

	PROTECTING THE DEFAULT
	DECNET ACCOUNT


BEST: DON'T HAVE ONE

OTHERWISE ...

	o  PREVENT INTERACTIVE USE

	o  PREVENT BATCH JOBS

	o  PREVENT "TASK" ACCESS

	LIMITING THE DECNET ACCOUNT


AUTHORIZATION FILE

	o  DISUSER FLAG

	o  EXPLICIT LOGIN.COM FILE

LOGIN COMMAND FILE
    (NOT IN DEFAULT DIRECTORY)

	$ IF F$MODE() .NES. "NETWORK" THEN LOGOUT

	$ SHOW LOGICAL SYS$NET

FAL.COM - COMMAND FILE FOR FAL OBJECT

	$ SHOW LOGICAL SYS$NET

	$ DEFINE FAL$LOG 1

	$ RUN SYS$SYSTEM:FAL

	$ IF F$USER .EQS. <DECNET> THEN RENAME *.COM;* *.XXX;*

		DECNET ACCESS CONTROL


DEFAULT ACCESS

	o  NON-SELECTIVE

	o  INSUFFICIENT PROTECTION

	o  INSUFFICIENT ACCESSIBILITY


EXPLICIT ACCESS CONTROL

	o  CUMBERSOME

	o  RISK OF PASSWORD COMPROMISE

	o  HARD TO AUDIT

		PROXY LOGIN


SELECTIVE MAPPING BETWEEN SYSTEMS' USER BASES

	o  CONTROL TO INDIVIDUAL LEVEL

	o  NO PASSWORDS TRANSMITTED

	o  AUDITABLE TO INDIVIDUAL USER

	o  DEFAULTS TO DEFAULT ACCESS

	o  OVERRIDE WITH EXPLICIT ACCESS CONTROL


EXPERIMENTAL, UNSUPPORTED IMPLEMENTATION IN VMS V3.0

	MANAGING THE PROXY FILE
	SYS$SYSTEM:NETUAF.DAT


AUTHORIZE UTILITY COMMANDS

	o  CREATE /PROXY

	o  ADD /PROXY  NODE::USER  LOCAL_USER

	o  REMOVE /PROXY  NODE::USER

	o  LIST /PROXY

	o  SHOW /PROXY  NODE::USER

	o  SHOW /PROXY  *

		DECNET CONTROLS


			 /	NONE
	EXECUTOR  \	|
		   |	|	INCOMING
	NODE	   |	|
		   |	|	OUTGOING
	OBJECT	  /	|
			 \	BOTH


USERNAME REPLACES PID IN DECNET SOURCE STRING

INCOMPATIBLE WITH

	o  DEFAULT OUTGOING ACCESS CONTROL

	o  NON-VMS OPERATING SYSTEMS

		NCP COMMANDS


SET UP EXECUTOR

	PURGE EXEC PRIV USER PASSWORD ACCOUNT

	DEFINE EXEC DEFAULT PROXY OUTGOING

	DEFINE EXEC PROXY BOTH

ENABLE PROXIES FOR SELECTED NODES

	PURGE NODE XXX PRIV USER PASSWORD ACCOUNT

	PURGE NODE XXX NOPRIV USER PASSWORD ACCOUNT

	DEFINE NODE XXX PROXY BOTH

SET UP OBJECTS

	DEFINE KNOWN OBJECTS PROXY BOTH

	DEFINE OBJECT TASK PROXY OUTGOING

	DEFINE OBJECT MAIL PROXY OUTGOING

	DEFINE OBJECT REMACP PROXY OUTGOING

		CURRENT VULNERABILITIES


o  WIRE TAPPING

o  INTEGRITY OF REMOTE SYSTEMS

o  NODE IMPERSONATION

		FUTURE DIRECTIONS


o  GREATER FLEXIBILITY

o  ENCRYPTION

o  NON-DISCRETIONARY SECURITY SUPPORT