How the Trusted Solaris Environment Protects Against Intruders

The Trusted Solaris environment protects against intruders by:

• Limiting access to the trusted computing base

• Making theft of passwords more difficult

• Protecting information on the system through access control

• Providing auditing

• Preventing spoofing programs

• Protecting local peripheral devices against unauthorized users

Limiting Access to the Trusted Computing Base

The term trusted computing base (or TCB) refers to the part of the Trusted Solaris environment that affects security; it includes software, hardware, firmware, documentation, and administrative procedures. Utility programs and application programs that can access security-related files are all part of the trusted computing base. Your administrator sets limits on all potential interactions that you can make with the TCB regarding programs that you need to do your job, files that you are allowed to access, and utility programs that can affect security.

Making Theft of Passwords More Difficult

Because intruders generally break into systems by guessing passwords, the Trusted Solaris environment supplies several options for tightening password security. Users may be required to change passwords at certain intervals or by set expiration dates. In addition, there is a password generator that creates random, non-language passwords. Check with your administrator to see which of these options are used at your site.

Protecting Information on the System Through Access Control

If an intruder does successfully log into the system, there are further obstacles to getting surreptitious access to information. Files and other resources are protected by both access control that is set by the owner of the information and access control enforced by the system. See "How the Trusted Solaris Environment Enforces Access Control Policy".

Providing Auditing

The Trusted Solaris environment enables administrators to audit all or selected user actions and run reports by user ID, file, date, and time. You are accountable for your actions in a Trusted Solaris system, particularly those actions that may affect security or sensitive files. User activity can be recorded in an audit trail so that administrators can detect suspicious actions on the system.

Preventing Spoofing Programs

Intruders sometimes spoof (that is, imitate) login or other legitimate programs to intercept passwords or other sensitive data. The Trusted Solaris environment protects users from hostile spoofing programs by displaying the Trusted Symbol, an unmistakable, tamper-proof icon at the bottom of the screen that is displayed whenever you interact with the trusted computing base (TCB). Its presence ensures the safety of performing security-related transactions. Its absence indicates a potential security breach. The following figure shows the trusted symbol.

Figure 1-1 Trusted Symbol

Protecting Local Peripheral Devices Against Unauthorized Users

In the Trusted Solaris environment, administrators can assign access to local peripheral devices such as tape drives, floppies, printers, and microphones on a user-by-user basis. The Trusted Solaris environment restricts access to peripheral devices as follows:

• Remote users cannot tap into local devices such as microphones or tape drives; users must be logged in locally to use a special device allocation tool.

• Only users with special authorization can access devices with removable media.