VMS SES User's Guide Version 5.2

This document, the "VMS SES User's Guide Version 5.2," introduces the VMS Security Enhancement Service (VMS SES) and its licensed software component, SEVMS. Published in November 1989, it serves as a guide for general users, detailing the command language, system routines, error messages, and terminology specific to SEVMS.

SEVMS implements a mandatory access control (MAC) mechanism that complements, rather than replaces, standard VMS discretionary access controls. It enforces a system-wide security policy, which is centrally established and managed by a security manager. Key advantages of SEVMS include:

• Classifying users and data based on sensitivity using hierarchical secrecy levels (256) and non-hierarchical secrecy categories (128), as well as integrity levels (256) and categories (64).
• Enforcing access rules that prevent unauthorized reading or writing of data based on classification.
• Auditing attempts to compromise mandatory access controls.
• Restricting user access to specific terminals, printers, and disks according to their classification.
• Providing a uniform mechanism for sensitivity labeling of print jobs.

The manual covers:

• An introduction to SEVMS, its intent, advantages, and how its security techniques complement VMS.
• Detailed information on mandatory access controls, including secrecy/integrity levels and categories, classification labels for various objects (files, devices, processes, queues), and the rules governing access (Read Down, Write Up, Read/Write Equal). It also notes how specific privileges (e.g., DOWNGRADE, UPGRADE, BYPASS) can circumvent these rules.
• Guidance on logging in to an SEVMS system and classifying directories and files, emphasizing that new objects inherit the classification of the creating process.
• A comprehensive description of SEVMS DCL commands, which are either modified VMS commands or new ones. These commands are used for auditing (ANALYZE/AUDIT, SET AUDIT), classifying objects and system components (SET CLASS, SET DEVICE/CLASS, SET DIRECTORY/CLASS, SET FILE/CLASS, INITIALIZE), managing print templates (SET TEMPLATE), and displaying security information (SHOW AUDIT, SHOW CLASS, SHOW TEMPLATE, DIRECTORY).
• Programming information detailing SEVMS class block formats, system service routines ($PARSE_CLASS, $FORMAT_CLASS, $CHANGE_CLASS) used to manipulate classification labels, and the binary audit record format.
• A listing of SEVMS-unique system messages and their recovery procedures.

This guide is intended for all users of an SEVMS system who have a general working knowledge of VMS.