[Info-vax] "VAX, VMS, UNIX and other minicomputers"...
RobertsonEricW
robertsonericw at netzero.net
Fri May 11 14:18:24 EDT 2012
On May 11, 12:19 pm, Bob Gezelter <gezel... at rlgsc.com> wrote:
> On Friday, May 11, 2012 10:47:03 AM UTC-4, DTL wrote:
> > I'm preparing my CISSP certification and I found this in the book "Official (ISC)2 Guide to the CISSP CBK Certification" (2nd Edition, p. 116):
>
> > "Discretionary controls represent a very early form of access control and were widely employed in VAX, VMS, UNIX and other minicomputers ../.."
>
> > LOL
>
> DTL,
>
> I would like to see a more extensive citation.
>
> In particular, I would like to see what the author believes to be "modern" access controls.
>
> Systems with mandatory access controls (B-level in the Orange book) have not made significant progress in adoption over the years.
>
> I would offer as a reference my chapter on OpenVMS Security in the Handbook of Information Security (H. Bidgoli, Ed., Wiley, 2005). However, if the CISSP Guide is providing incorrect information, it should be addressed.
>
> - Bob Gezelter,http://www.rlgsc.com
I believe there used to be a product called SecureVMS that allowed an
OpenVMS system to be compliant to level B-2 of the "Orange Book". The
SecureVMS product essentially added the Mandatory Access Controls to
the Discretionary Access Controls provided by the Base OpenVMS system
software. Does HP even sell the SecureVMS (or maybe
SecureOpenVMS?)product anymore? Last I looked, I didn't see any
information on the HP OpenVMS web pages about it.
Eric
More information about the Info-vax
mailing list