Zusammenfassung
In diesem Artikel wird die Sicherheit des Betriebssystems UNIX untersucht. Es werden mögliche Gefahrdungen für UNIX beschrieben und Werkzeuge zur Erhöhung der Sicherheit vorgestellt. Weiter wird auf Techniken der Benutzerauthentifizierung eingegangen. Abschließend wird untersucht, wie die Sicherheit von UNIX im Sinne der im “Orange Book” enthaltenen Anforderungen verbessert werden kann.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Literatur
R. Baldwin. Rule based analysis of Computer security. In Proceedings ofthe IEEE Compcon, S. 227–233, San Francisco, 1987. IEEE.
R. Baldwin. Rule Based Analysis of Computer Security. PhD thesis, MIT, Cambridge, März 1988. TR-401.
D. S. Bauer und M. E. Koblentz. NIDX — an expert system for real-time intrusion detection. In Comp. Networking Symposium, S. 98–106, Apr. 1988.
T. Beyer. Sicherheitsaspekte von Computernetzwerken. In Gl Jahrestagung, München, Okt. 1989.
M. Bishop. An application of a fast Data Encryption Standard implementation. Computing Systems, 1 (3): 221–254, Summer 1988.
S. Bourne. Das UNIX-System. Addison Wesley, 1985.
S. Bunch. The SETUID-feature in UNIX and security. In 10th National Computer Security Conference, S. 245–253, Baltimore, MD, Sept. 1987.
CCITT Draft Recommendation X.509. Version 7, ISO DIS 9594-8.
D. D. Clark und D. R. Wilson. A comparison of commercial and military security policies. In Symposium on Security and Privacy, S. 184–194, Oakland, CA, Apr. 1987. IEEE.
M. Davio, J.-M. Goethals, und J.-J. Quisquater. Authentication procedures. In T. Beth, Hrsg., Cryptography, Nr. 149 von LNCS, S. 283–288. Springer Verlag, März 1982.
D. E. Denning. An intrusion-detection model. In Symposium on Security and Privacy, S. 184–194, Oakland, CA, Apr. 1986. IEEE.
D. E. Denning, P. G. Neumann, und D. B. Parker. Social aspects of computer security. In 10th National Computer Security Conference, S. 320–325, Baltimore, MD, Sept. 1987.
Department of Defense. Trusted Computer System Evaluation Criteria. CSC-STD-001–83, Computer Security Center, Aug. 1983.
Department of Defense. Trusted Computer System Evaluation Criteria. DoD 5200.28-STD, Computer Security Center, Dez. 1985.
W. Diffie und M. Hellman. New directions in cryptography. IEEE Trans. Inf. Theory, 22 (6): 644–654, Nov. 1976.
W. Diffie und M. Hellman. Privacy and authentication: An introduction to cryptography. Proceedings of the IEEE, 67 (3): 397–427, 1979.
T. Duff. Viral attacks on UNIX system security. In Proceedings of the Winter 1989 USENIX Conference, S. 165–171, 1989.
T. Eisenberg et al. The Cornell commission: On Morris and the worm. Commun. ACM, 32 (6): 706–709, Juni 1989.
V. Evans. Conference and workshop tackle the issues. Computer Fraud & Security Bulletin, 11 (5): 3–7, März 1989.
R. Farrow. What price system security? UNIX/WORLD, S. 54–61, Juni 1987.
U. Feige, A. Fiat, und A. Shamir. Zero-Knowledge Proofs of Identity. Journal of Cryptology, S. 77–94, 1988.
D. C. Feldmeier und P. R. Kara. Password cracking for fun and profit. In 9th Annual Crypto Conference, Santa Barbara, CA, Aug. 1989. International Association for Cryptologic Research.
A. Fiat und A. Shamir. How to prove yourself: Practical solutions to identification and signature problems. In A. Odlyzko, Hrsg., Advances in Cryptology - CRYPTO’86, Nr. 263 von LNCS, S. 195–199. Springer Verlag, Aug. 1987.
C. W. Flink und J. D. Weiss. System V/MLS labeling and mandatory policy alternatives. AT&T Technical Journal, S. 53–64, Mai 1988.
W. Fumy. Mechanismen zur elektronischen Identifizierung. DuD — Datenschutz und Datensicherung, S. 245–250, Mai 1989.
V. Gligor et al. Design and implementation of Secure XENIX. IEEE Trans. Softw. Eng., 13 (2): 208–221, Feb. 1987.
F. Grampp und R. Morris. UNIX operating system security. AT&T Technical Journal, 63 (8): 1649–1672, Okt. 1984.
M. Hecht et al. UNIX without the superuser. In USENIX Conference Proceedings, S. 243–256, Phoenix, Arizona, Juni 1987.
C. B. Hogan. Protection imperfect: The security of some computing environments. ACM Operating Systems Review, 22 (3): 7–27, Juli 1988.
M. J. Hösl. Sicherheit des UNIX-Betriebssystems. Diplomarbeit, Technische Universität München, Mai 1989.
ISO/IEC/DP 10117. Information processing systems — Peer entity authentication using a public-key algorithm with a three-way handshake.
ISO/IEC/DP 9798. Information processing systems - Peer entity authentication using a n-bit secret key algorithm.
ISO/IEC/DP 9799. Information processing systems — Peer entity authentication using a public-key algorithm with a three-way handshake.
S. A. Kapilow und M. Cherepov. QUEST — a security auditing tool. AT&T Technical Journal, S. 65–71, Mai 1988.
Y. Klein. UNIX, Sicherheit und Standard. In Jahrestagung der GUUG, S. 348–360, Hagenburg, 1988.
M. J. Knox und E. D. Bowden. UNIX system security issues. Information Age, 10 (2): 67–72, Apr. 1988.
J. Koehring. Automatic identity verification. Information Age, 6 (2): 103–110, Apr. 1984.
A. Lempel. Cryptology in transition. ACM Comput. Surv., 11 (4): 285–303, Dez. 1979.
T. F. Lunt. Automated audit trail analysis and intrusion detection: A survey. In 11th National Computer Security Conference, Baltimore, MD, Okt. 1988.
T. F. Lunt et al. IDES: The enhanced prototype. Technical Report SRI-CSL-88-12, SRI International, 333 Ravenswood Ave., Menlo Park, CA 94025-3493, Okt. 1988.
T. F. Lunt und R. Jagannathan. A prototype real-time intrusion-detection expert system. In Symposium on Security and Privacy, S. 184–194, Oakland, CA, Apr. 1988. IEEE.
P. Martin. Securing UNIX. In EUUG Autumn 88, S. 53–61, Cascais, Okt. 1988.
H. McGilton und R. Morgan. Einßhrung in das UNIX-System. McGraw Hill, 1983.
R. Morris und K. Thompson. Password security: A case history. Commun. ACM, 22 (ll): 594–597, 1979.
National Bureau of Standards. Data Encryption Standard. Technical Report 46, Federal Information Processing Standards Publication, Jan. 1977.
B. Reid. Reflections on some recent widespread computer break-ins. Commun. ACM, 30 (2): 103–105, Feb. 1987.
K. Rihaczek. Die Handshake-Protokolle zur gegenseitigen Teilnehmerauthentikation. DuD — Datenschutz und Datensicherung, (2): 70–78, Feb. 1989.
D. M. Ritchie. On the Security of UNIX. AT&T Bell Laboratories. UNIX Programmer’s Manual, Section 2.
D. M. Ritchie. Protection of data file contents, Jan. 16 1979. U.S. Patent 4135240.
R. Rivest, A. Shamir, und L. Adleman. A method for obtaining digital signatures and public key cryptosystems. Commun. ACM, 21 (2): 120–126, Feb. 1978.
J. A. Rochlis und M. W. Eichin. With microscope and tweezers: The worm from MIT’s perspective. Commun. ACM, 32 (6): 689–698, Juni 1989.
J. S alt z er und M. Schroeder. The protection of information in computer systems. Proc. IEEE, 63 (9): 1278–1308, Sept. 1975.
J. Seberry und J. Pieprizyk. Cryptography — Introduction to Computer Security. Prentice Hall, New York, 1989.
D. Seeley. Password cracking: A game of wits. Commun. ACM, 32 (6): 700–703, Juni 1989.
W. O. Sibert et al. UNIX and B2: Are they compatible? In 10th National Computer Security Conference, S. 142–149, Baltimore, MD, Sept. 1987.
E. H. Spafford. The internet worm program: An analysis. Computer Communication Review, 19 (1), Jan. 1989.
P. H. Wood und S. G. Kochan. UNIX System Security. Hayden UNIX System Library. Hayden Books, Indianapolis, Indiana, 1985.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 1989 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Liebl, A., Biersack, E. (1989). Die Sicherheit des UNIX-Betriebssystems. In: Paul, M. (eds) GI — 19. Jahrestagung I. Informatik-Fachberichte, vol 222. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-75177-6_42
Download citation
DOI: https://doi.org/10.1007/978-3-642-75177-6_42
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-51821-1
Online ISBN: 978-3-642-75177-6
eBook Packages: Springer Book Archive