OpenVMS VAX Guide to System Security

This document serves as a comprehensive guide for both users and system administrators on implementing and maintaining security for OpenVMS VAX operating systems. It aims to prevent unauthorized access, tampering, observation, and theft of services.

The guide is structured into three main parts:

• Part I (Introduction): Outlines various computer security problems (user irresponsibility, probing, and penetration), discusses different levels of security requirements, and introduces the OpenVMS security model, which is based on the reference monitor concept, involving subjects, objects, an authorization database, and an audit trail.
• Part II (Security for the User): Provides practical advice for general users on secure practices such as choosing and protecting passwords, understanding login types and restrictions, managing account and password expiration, and utilizing basic object protection features like User Identification Codes (UICs) and access control lists (ACLs).
• Part III (Security for the System Administrator): Details advanced security management tasks for administrators, including establishing user accounts, designing and maintaining rights databases and ACLs, configuring password management policies, protecting system programs and databases, authorizing resource usage, responding to security breaches, securing clustered systems, managing DECnet node security, and setting up protected subsystems.

Appendices further elaborate on user privileges, default protection for critical system files, and guidelines for operating in a C2-evaluated security environment, emphasizing that overall system security depends on a combination of operating system features and robust environmental controls.