HP OpenVMS Guide to System Security

This document, "HP OpenVMS Guide to System Security OpenVMS Version 8.4," is a comprehensive manual for users and administrators on how to secure the OpenVMS operating system.

Key areas covered include:

• System Security Overview: Introduces fundamental security concepts, types of security problems (user irresponsibility, probing, penetration, social engineering), and the OpenVMS security model, including the reference monitor concept, subjects, objects, authorization database, and audit trail.
• Security for the User: Provides guidance for general users on responsible system usage, including choosing strong passwords, understanding different login types, handling login failures, and securing personal data through file protection, access control lists (ACLs), and encryption.
• Security for the System Administrator: Offers in-depth information for security administrators on managing system access, data, and resources. This includes setting up secure user accounts (privileged, captive, restricted, automatic login, guest, proxy, externally authenticated accounts), enforcing password standards, controlling login processes, detecting intrusions, and managing the security auditing subsystem. It also details how to secure clusters, network environments (DECnet, proxy access), and protected subsystems, as well as assigning various user privileges and protecting critical OpenVMS system files.
• Encryption: Explains the process of encrypting and decrypting files, defining and maintaining encryption keys, and using different encryption algorithms (AES, DES).
• Security Auditing: Describes how to use and manage the OpenVMS auditing system, including reporting security-relevant events, developing auditing plans, capturing event messages, analyzing log files, and managing the audit server.
• System Security Breaches: Discusses how to recognize, respond to, and repair system security breaches, including identifying perpetrators and preventing future intrusions.
• Appendices: Provide a summary of user privileges and default protection for OpenVMS system files.

The document emphasizes balancing security needs with usability and performance, promoting a proactive approach to system security through a combination of technical controls, administrative procedures, and user training.