Skip to main content
SpringerLink
Log in

Die Sicherheit des UNIX-Betriebssystems

  • Conference paper
Book cover GI — 19. Jahrestagung I

Part of the book series: Informatik-Fachberichte ((INFORMATIK,volume 222))

  • 93 Accesses

Zusammenfassung

In diesem Artikel wird die Sicherheit des Betriebssystems UNIX untersucht. Es werden mögliche Gefahrdungen für UNIX beschrieben und Werkzeuge zur Erhöhung der Sicherheit vorgestellt. Weiter wird auf Techniken der Benutzerauthentifizierung eingegangen. Abschließend wird untersucht, wie die Sicherheit von UNIX im Sinne der im “Orange Book” enthaltenen Anforderungen verbessert werden kann.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 54.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 69.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Literatur

  1. R. Baldwin. Rule based analysis of Computer security. In Proceedings ofthe IEEE Compcon, S. 227–233, San Francisco, 1987. IEEE.

    Google Scholar 

  2. R. Baldwin. Rule Based Analysis of Computer Security. PhD thesis, MIT, Cambridge, März 1988. TR-401.

    Google Scholar 

  3. D. S. Bauer und M. E. Koblentz. NIDX — an expert system for real-time intrusion detection. In Comp. Networking Symposium, S. 98–106, Apr. 1988.

    Chapter  Google Scholar 

  4. T. Beyer. Sicherheitsaspekte von Computernetzwerken. In Gl Jahrestagung, München, Okt. 1989.

    Google Scholar 

  5. M. Bishop. An application of a fast Data Encryption Standard implementation. Computing Systems, 1 (3): 221–254, Summer 1988.

    MathSciNet  Google Scholar 

  6. S. Bourne. Das UNIX-System. Addison Wesley, 1985.

    Google Scholar 

  7. S. Bunch. The SETUID-feature in UNIX and security. In 10th National Computer Security Conference, S. 245–253, Baltimore, MD, Sept. 1987.

    Google Scholar 

  8. CCITT Draft Recommendation X.509. Version 7, ISO DIS 9594-8.

    Google Scholar 

  9. D. D. Clark und D. R. Wilson. A comparison of commercial and military security policies. In Symposium on Security and Privacy, S. 184–194, Oakland, CA, Apr. 1987. IEEE.

    Google Scholar 

  10. M. Davio, J.-M. Goethals, und J.-J. Quisquater. Authentication procedures. In T. Beth, Hrsg., Cryptography, Nr. 149 von LNCS, S. 283–288. Springer Verlag, März 1982.

    Google Scholar 

  11. D. E. Denning. An intrusion-detection model. In Symposium on Security and Privacy, S. 184–194, Oakland, CA, Apr. 1986. IEEE.

    Google Scholar 

  12. D. E. Denning, P. G. Neumann, und D. B. Parker. Social aspects of computer security. In 10th National Computer Security Conference, S. 320–325, Baltimore, MD, Sept. 1987.

    Google Scholar 

  13. Department of Defense. Trusted Computer System Evaluation Criteria. CSC-STD-001–83, Computer Security Center, Aug. 1983.

    Google Scholar 

  14. Department of Defense. Trusted Computer System Evaluation Criteria. DoD 5200.28-STD, Computer Security Center, Dez. 1985.

    Google Scholar 

  15. W. Diffie und M. Hellman. New directions in cryptography. IEEE Trans. Inf. Theory, 22 (6): 644–654, Nov. 1976.

    Article  MathSciNet  MATH  Google Scholar 

  16. W. Diffie und M. Hellman. Privacy and authentication: An introduction to cryptography. Proceedings of the IEEE, 67 (3): 397–427, 1979.

    Article  Google Scholar 

  17. T. Duff. Viral attacks on UNIX system security. In Proceedings of the Winter 1989 USENIX Conference, S. 165–171, 1989.

    Google Scholar 

  18. T. Eisenberg et al. The Cornell commission: On Morris and the worm. Commun. ACM, 32 (6): 706–709, Juni 1989.

    MathSciNet  Google Scholar 

  19. V. Evans. Conference and workshop tackle the issues. Computer Fraud & Security Bulletin, 11 (5): 3–7, März 1989.

    Google Scholar 

  20. R. Farrow. What price system security? UNIX/WORLD, S. 54–61, Juni 1987.

    Google Scholar 

  21. U. Feige, A. Fiat, und A. Shamir. Zero-Knowledge Proofs of Identity. Journal of Cryptology, S. 77–94, 1988.

    Google Scholar 

  22. D. C. Feldmeier und P. R. Kara. Password cracking for fun and profit. In 9th Annual Crypto Conference, Santa Barbara, CA, Aug. 1989. International Association for Cryptologic Research.

    Google Scholar 

  23. A. Fiat und A. Shamir. How to prove yourself: Practical solutions to identification and signature problems. In A. Odlyzko, Hrsg., Advances in Cryptology - CRYPTO’86, Nr. 263 von LNCS, S. 195–199. Springer Verlag, Aug. 1987.

    Google Scholar 

  24. C. W. Flink und J. D. Weiss. System V/MLS labeling and mandatory policy alternatives. AT&T Technical Journal, S. 53–64, Mai 1988.

    Google Scholar 

  25. W. Fumy. Mechanismen zur elektronischen Identifizierung. DuD — Datenschutz und Datensicherung, S. 245–250, Mai 1989.

    Google Scholar 

  26. V. Gligor et al. Design and implementation of Secure XENIX. IEEE Trans. Softw. Eng., 13 (2): 208–221, Feb. 1987.

    Article  Google Scholar 

  27. F. Grampp und R. Morris. UNIX operating system security. AT&T Technical Journal, 63 (8): 1649–1672, Okt. 1984.

    Google Scholar 

  28. M. Hecht et al. UNIX without the superuser. In USENIX Conference Proceedings, S. 243–256, Phoenix, Arizona, Juni 1987.

    Google Scholar 

  29. C. B. Hogan. Protection imperfect: The security of some computing environments. ACM Operating Systems Review, 22 (3): 7–27, Juli 1988.

    Google Scholar 

  30. M. J. Hösl. Sicherheit des UNIX-Betriebssystems. Diplomarbeit, Technische Universität München, Mai 1989.

    Google Scholar 

  31. ISO/IEC/DP 10117. Information processing systems — Peer entity authentication using a public-key algorithm with a three-way handshake.

    Google Scholar 

  32. ISO/IEC/DP 9798. Information processing systems - Peer entity authentication using a n-bit secret key algorithm.

    Google Scholar 

  33. ISO/IEC/DP 9799. Information processing systems — Peer entity authentication using a public-key algorithm with a three-way handshake.

    Google Scholar 

  34. S. A. Kapilow und M. Cherepov. QUEST — a security auditing tool. AT&T Technical Journal, S. 65–71, Mai 1988.

    Google Scholar 

  35. Y. Klein. UNIX, Sicherheit und Standard. In Jahrestagung der GUUG, S. 348–360, Hagenburg, 1988.

    Google Scholar 

  36. M. J. Knox und E. D. Bowden. UNIX system security issues. Information Age, 10 (2): 67–72, Apr. 1988.

    Google Scholar 

  37. J. Koehring. Automatic identity verification. Information Age, 6 (2): 103–110, Apr. 1984.

    Google Scholar 

  38. A. Lempel. Cryptology in transition. ACM Comput. Surv., 11 (4): 285–303, Dez. 1979.

    Article  MATH  Google Scholar 

  39. T. F. Lunt. Automated audit trail analysis and intrusion detection: A survey. In 11th National Computer Security Conference, Baltimore, MD, Okt. 1988.

    Google Scholar 

  40. T. F. Lunt et al. IDES: The enhanced prototype. Technical Report SRI-CSL-88-12, SRI International, 333 Ravenswood Ave., Menlo Park, CA 94025-3493, Okt. 1988.

    Google Scholar 

  41. T. F. Lunt und R. Jagannathan. A prototype real-time intrusion-detection expert system. In Symposium on Security and Privacy, S. 184–194, Oakland, CA, Apr. 1988. IEEE.

    Google Scholar 

  42. P. Martin. Securing UNIX. In EUUG Autumn 88, S. 53–61, Cascais, Okt. 1988.

    Google Scholar 

  43. H. McGilton und R. Morgan. Einßhrung in das UNIX-System. McGraw Hill, 1983.

    Google Scholar 

  44. R. Morris und K. Thompson. Password security: A case history. Commun. ACM, 22 (ll): 594–597, 1979.

    Article  Google Scholar 

  45. National Bureau of Standards. Data Encryption Standard. Technical Report 46, Federal Information Processing Standards Publication, Jan. 1977.

    Google Scholar 

  46. B. Reid. Reflections on some recent widespread computer break-ins. Commun. ACM, 30 (2): 103–105, Feb. 1987.

    Article  Google Scholar 

  47. K. Rihaczek. Die Handshake-Protokolle zur gegenseitigen Teilnehmerauthentikation. DuD — Datenschutz und Datensicherung, (2): 70–78, Feb. 1989.

    Google Scholar 

  48. D. M. Ritchie. On the Security of UNIX. AT&T Bell Laboratories. UNIX Programmer’s Manual, Section 2.

    Google Scholar 

  49. D. M. Ritchie. Protection of data file contents, Jan. 16 1979. U.S. Patent 4135240.

    Google Scholar 

  50. R. Rivest, A. Shamir, und L. Adleman. A method for obtaining digital signatures and public key cryptosystems. Commun. ACM, 21 (2): 120–126, Feb. 1978.

    Article  MathSciNet  MATH  Google Scholar 

  51. J. A. Rochlis und M. W. Eichin. With microscope and tweezers: The worm from MIT’s perspective. Commun. ACM, 32 (6): 689–698, Juni 1989.

    Article  Google Scholar 

  52. J. S alt z er und M. Schroeder. The protection of information in computer systems. Proc. IEEE, 63 (9): 1278–1308, Sept. 1975.

    Google Scholar 

  53. J. Seberry und J. Pieprizyk. Cryptography — Introduction to Computer Security. Prentice Hall, New York, 1989.

    Google Scholar 

  54. D. Seeley. Password cracking: A game of wits. Commun. ACM, 32 (6): 700–703, Juni 1989.

    Google Scholar 

  55. W. O. Sibert et al. UNIX and B2: Are they compatible? In 10th National Computer Security Conference, S. 142–149, Baltimore, MD, Sept. 1987.

    Google Scholar 

  56. E. H. Spafford. The internet worm program: An analysis. Computer Communication Review, 19 (1), Jan. 1989.

    Google Scholar 

  57. P. H. Wood und S. G. Kochan. UNIX System Security. Hayden UNIX System Library. Hayden Books, Indianapolis, Indiana, 1985.

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Institut für Informatik, TU München, Postfach 202420, 8000, München 2, Germany

    Armin Liebl

  2. Bell Communications Research, 445 South Street, Morristown, NJ, 07960-1910, USA

    Ernst Biersack

Authors
  1. Armin Liebl
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Ernst Biersack
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Institut für Informatik, Technische Universität München, Orleansstr. 34, D-8000, München 80, Germany

    M. Paul

Rights and permissions

Reprints and permissions

Copyright information

© 1989 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Liebl, A., Biersack, E. (1989). Die Sicherheit des UNIX-Betriebssystems. In: Paul, M. (eds) GI — 19. Jahrestagung I. Informatik-Fachberichte, vol 222. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-75177-6_42

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-75177-6_42

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-51821-1

  • Online ISBN: 978-3-642-75177-6

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

Search

Navigation