HP c3700 - Workstation User manual

VISUALIZE Workstations
Interoperable Security for HP-UX and Windows NT Technical Workstations
By Scott Key
Solution Specialist
02/04/00 HP VISUALIZE WORKSTATIONS 1
Introduction

In order to provide integration and interoperability of engineering functions and information between HP-UX and Windows NT platforms, protection of resources and data must be assured. The need for a secure engineering environment is most pronounced when an organization out-sources the engineering of sub-components and processes. At first glance, it appears that there is little interoperability between HP-UX security and that of Windows NT, as both operating systems provide unique capabilities for authentication, authorization and data protection that are inherently “uninteroperable”. This can significantly increase the cost of system management in a heterogeneous network. The use and management of two different security processes also increases the possibility of compromising critical information. Further examination of the security methods available in HP-UX and Windows NT, however, reveals that interoperability can exist at many levels, including the use of similar non-repudiation techniques.

Today the prevalent core HP-UX resource protection scheme revolves around encrypted passwords and ACLs for files. For more integrated and secure protection, DCE and Kerberos (a DCE derivative) methodologies are used. HP-UX can also utilize NIS file security. Today, Windows NT core security is also centered around encrypted passwords and ACLs for resources, and with 3rd-party software, DCE and NIS methodologies are also available. With the release of Windows NT 5.0 (Windows 2000), it has also been reported that Kerberos will be available as an alternate security paradigm. In addition, HP has released a system to provide a single source of user authentication. Thus, by utilizing 3rd-party software and/or HP's security framework, a more secure cross-platform scheme for protection of resources and engineering data is possible.
Security Concerns

Computer security is based on four concepts: authentication, authorization, data protection and non-repudiation. Authentication refers to the process of verifying the identity of the individual who is requesting resources. For example, an operating system’s logon process authenticates a user before granting access to the system. Authorization provides the ability to restrict access to resources on the system by individuals or groups. This ability to tie users to certain resources and exclude them from others enables the system to be managed from a resource-based model (access control) or a role-based model (privileged users, etc.). The data protection aspect of security is essentially ensuring that cryptographic algorithms and mechanisms are in place to encrypt the data, thus providing a means of keeping data confidential. Non-repudiation ensures that information really came from the indicated source and that it has not been tampered with. This validation then provides higher confidence in the data confidentiality process.
Figure 1: Four Basic Security Concepts
Today’s technical and engineering environments often require security that handles many levels of security across both Windows NT and UNIX systems. As more geographically dispersed collaboration is pursued in the cross-discipline approach to engineering, more attention must be paid to the ramifications for data security. In addition, many organizations are sub-contracting portions of the engineering process. This can require the sharing of data even outside the organization’s intranet, and hence the necessity for protection of this intellectual property. However, this protection must be balanced against ease of use and cost of system management.
Figure 2: Collaborative Engineering Environment
An ideal security environment would be one that incorporates the security paradigms of both Windows NT and UNIX in a consistent and integrated fashion. For example, when a change in the access control or role-based model is made for a Windows NT or UNIX system, it is reflected in the other security systems. However, a balanced approach to these security paradigms, coupled with consideration of ease of use and cost of system management across platforms, should be a paramount concern in current engineering environments. A centralized security management system may assist in this integration and interoperability of security functions between the Windows NT and UNIX platforms.
UNIX/HP-UX View of Security

The UNIX operating system design was influenced, to a certain extent, by a project at MIT for an “A-Level” security compliant OS called Multics. In addition, UNIX was conceived as a multi-user environment. Thus, security was considered as part of its basic design. And since UNIX resources are for the most part accessed through file I/O, UNIX security has also been historically centered around file I/O.
However, despite these original design concerns, standard UNIX security is rudimentary at best. For example, most current versions of UNIX provide encrypted passwords in the password file. Unfortunately, the passwords are transmitted over the network as clear text. In addition, traditional UNIX does not address authentication of other systems on the network. This leaves a system open to spoofing, in which an intruding system presents a false identity and the target system believes it. However, HP-UX has added a number of features that enhance its security capabilities.
HP-UX provides for security level certification to Department of Defense (DOD) C2 on through B1. HP-UX can, provided that the administrator implements it, include security processes utilizing Access Control Lists (ACLs) and a Shadow Password File. HP-UX also fully supports the Distributed Computing Environment (DCE), which includes the Distributed Security Services (DSS) support for a cross-platform security environment. DSS is a security mechanism that enables privacy and authenticity of client/server transactions. Authentication, authorization and user account management are included in this service. Finally, the Kerberos security protocol is also available for HP-UX; it is an authentication mechanism that utilizes a “shared-secret-key” method of verification.
Windows NT View of Security

There was little thought given to security in the early days of MS/DOS. It was, of course, a simplified operating system for personal computers where the individual had complete control of local system resources and very limited access to shared resources (i.e. printers and directories of files). As PCs began to share resources, a fundamental security process was implemented. Cooperative file password security was placed on shared resources like printers and directories. That is, the owners of the resource could share it without a password. However, when a resource is shared with a password, it is open to anyone that has (or can guess) the password. It is not tied to user identification or authentication. Windows NT was planned from the start to have strong security, owing its heritage to VMS and Windows NT’s chief architect, David Cutler.
In Windows NT, as in UNIX, it is up to the administrator to implement security. For example, file security with an ACL-type model is only available with the NTFS file system. The administrator must explicitly format the hard disk drive with NTFS to achieve this level of security. The operating system itself imposes a level of security on all system calls for its services (i.e. system-level objects). That is, when a program (a thread, actually) requests a resource, the OS verifies the thread’s security token. The security token provides information on what resources this thread can have access to. This token is based upon a previously authenticated and authorized user activation process. The user logon procedure utilizes encrypted DES (Data Encryption Standard) passwords over the net. In addition, Windows NT has encryption and challenge/response for system authentication. Today, Windows NT 4.0 can also participate in DCE security, but only as it relates to Remote Procedure Calls (RPC).

It is reported that Windows NT 5.0 will incorporate Kerberos as a system-wide authentication mechanism. This should allow Windows NT to have enhanced integration capability into the UNIX security paradigm.
Integration of Windows NT Security into the UNIX Environment

Security paradigms need to be consistent between Windows NT and UNIX as a way to help keep the total cost of ownership down. However, this requires a centralized approach to security administration that is pervasive across many systems. There are two fundamental security building blocks that are available (or soon will be) on UNIX and Windows NT. These building blocks are DCE and Kerberos.
Today, the DCE implementation on Windows NT does not allow a DCE client to use security to make a request to a Microsoft RPC server. If DCE encrypts part of the RPC, the Windows NT server cannot decrypt the RPC information. Therefore, to get this scenario to work, the client side must not be secure. On the other hand, a Microsoft RPC client can effectively communicate with a secure UNIX DCE server. Using minimal security, the objects are accessible through the DCE server from a Microsoft RPC client. The Microsoft RPC calls do not contain identification information, however. The DCE server must then treat them as unauthenticated requests. These requests can be handled with the use of DCE’s Cell Directory Service (CDS) and the use of ACLs within the CDS.
The Kerberos method for authentication utilizes a central database of information about users. Thus, when a user logs on, a security ticket is requested from a local server (the ticket-granting server of the realm). However, realms (administrative domains) in Kerberos can register with other realms. Thus a user can be authenticated by a remote security server using the Kerberos protocol. The Kerberos protocols on Windows NT and UNIX servers should then be able to authenticate each other’s users. However, Kerberos does not authorize users to utilize system resources. The system still must provide an authorization scheme, such as an ACL or a SID (Security IDentifier), to allow access to resources. For example, a UNIX user could be authorized to log onto a Windows NT domain or vice versa. The user’s authorization level, however, would be that of a “Guest”. This would mean that user access levels would still need to be maintained separately on Windows NT and UNIX.
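To make the point concrete, here is an added example (not part of the original paper, and a simplified model rather than the real Kerberos protocol): each realm's ticket-granting service issues a ticket once a user proves a shared secret, two realms that have registered with each other accept each other's tickets, and a resource server's own ACL, not the ticket, decides what a foreign-realm user may do. The realm names, users and ACL are constructed; HMAC stands in for Kerberos' encrypted tickets.

```python
import hashlib
import hmac
import json
import os


def _mac(key: bytes, claims: dict) -> str:
    # Seal the ticket claims under a shared key; stands in for an encrypted Kerberos ticket.
    return hmac.new(key, json.dumps(claims, sort_keys=True).encode(), hashlib.sha256).hexdigest()


class Realm:
    def __init__(self, name: str):
        self.name = name
        self.user_keys = {}                      # principal -> long-term shared secret
        self.peer_keys = {name: os.urandom(32)}  # realm -> key for tickets aimed at it

    def add_user(self, user: str, password: str) -> None:
        self.user_keys[user] = hashlib.sha256(password.encode()).digest()

    def register_peer(self, other: "Realm") -> None:
        key = os.urandom(32)                     # cross-realm key agreed out of band
        self.peer_keys[other.name] = key
        other.peer_keys[self.name] = key

    def issue_ticket(self, user: str, password: str, target: str):
        """Logon: the user proves the shared secret and gets a ticket for realm `target`."""
        offered = hashlib.sha256(password.encode()).digest()
        expected = self.user_keys.get(user)
        if expected is None or not hmac.compare_digest(expected, offered):
            return None                          # authentication failed
        if target not in self.peer_keys:
            return None                          # no trust relationship with that realm
        claims = {"principal": f"{user}@{self.name}", "target": target}
        return {**claims, "mac": _mac(self.peer_keys[target], claims)}

    def verify_ticket(self, ticket: dict):
        """Return the authenticated principal, or None if the ticket is not genuine."""
        issuer = ticket["principal"].rpartition("@")[2]
        key = self.peer_keys.get(issuer)
        if key is None or ticket["target"] != self.name:
            return None
        claims = {k: v for k, v in ticket.items() if k != "mac"}
        return ticket["principal"] if hmac.compare_digest(_mac(key, claims), ticket["mac"]) else None


def access(realm: Realm, acl: dict, ticket) -> str:
    """Authorization stays with the resource: a valid ticket only says who is asking."""
    principal = realm.verify_ticket(ticket) if ticket else None
    if principal is None:
        return "denied"
    # A principal from another realm is authenticated but holds only the Guest role here.
    return acl.get(principal, acl["Guest"])
```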
Figure 3: A possible configuration for Windows NT & UNIX Security Protocol Integration
The current HP Praesidium framework is a family of security products that can provide
cross-platform management from a centralized perspective, and addresses all four major
aspects of security: authentication, authorization, data protection and non-repudiation. The
current Praesidium family includes such items as Single Sign-On, Authorization Server,
VirtualVault and others. This central approach can lower the cost of system
administration by providing a single place for security maintenance and oversight. For
example, Single Sign-On provides Windows NT systems a single resource to authenticate
users. This also means that if these same users log onto a UNIX system, they can use the
same user name and password since these UNIX systems use the same source for
authentication.
Figure 4: Praesidium Security Framework
If Windows NT does embrace Kerberos, the future will look better for security on both platforms. Kerberos will allow the integration of the forthcoming HP Public Key Infrastructure (PKI). This infrastructure is based on issuing a single highly trusted digital identity (public key certificate) to individual users. This will allow directory services, like Windows NT’s new Active Directory, to publish public key certificates and certificate revocation lists. In essence, users could authenticate to a Windows NT system using a Windows NT user name or their security key. For example, this could then allow authorized subcontractors access to specific data within a company’s intranet firewall.
Summary

Whether DCE, Kerberos, the Praesidium framework or simply duplicated security methods are used to manage Windows NT and UNIX security, a protection scheme should be implemented. Appropriately configured security can provide a collaborative, cross-platform engineering environment that protects the organization’s intellectual property. In addition, a security management process that is configured and maintained from a central perspective of Windows NT and UNIX may provide a lower cost of system administration for these engineering and scientific systems. Windows NT and UNIX are starting to address the security concerns with some of the same methodologies and protocols in an interoperable manner. Thus, even if engineering teams are geographically dispersed, secure access to the same data could be provided today, by using DFS (Distributed File System) and DCE on both systems, in conjunction with the mentioned security processes.
