The size of many UNICOS systems poses security administration problems which are not present in the typical UNIX environment. This talk will concentrate on the unique aspects of security administration on a large system and provide tips for managing users, data and privilege in a controlled fashion. The talk will also address the use of Cray-specific security features such as the system audit logs, Privilege Access Lists and NFS UID/GID mapping.
Frank Lovato and Mike Miller
At the Naval Oceanographic Office (NAVOCEANO), some unclassified data can be used to create the classified operational products in support of the fleet. To avoid costly regeneration, specified users were allowed to copy these data to a tape and then to reload on the classified system. Although unorthodox, this approach worked so well that other users began to use it. The operator intervention soon became an operational problem, and the time required to move the tapes caused delays in producing the time-sensitive fleet support products. A solution that did not require manual effort and that would provide a greater degree of security was needed. Using the Cray suite of software capabilities, a truly novel approach was conceived.
A low-speed channel connection was first established between the two systems. To control this connection, the Cray Multi-Level Security (MLS) Workstation Access List (WAL) feature was used to name the specific users who were allowed access to this connection and to restrict its use to the Network File System (NFS) only. Further control was obtained by creating a read-only NFS mounted file system, which precluded anyone from moving data from the classified system back to the unclassified system. Modifications were also made to the UNICOS O/S, allowing the network connection to be defined at a higher MLS level than that assigned to the users on the unclassified system; these modifications denied surreptitious access to the connection. By using these UNICOS features, operator intervention was not required, the data were transferred at channel speed, and the classified Cray system was protected from unauthorized access.
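To make the layering of those controls concrete, here is a small Python model of the policy the abstract describes: WAL membership restricted to NFS, a channel labelled above the unclassified users, a read-only export, and the MLS read/write rules underneath. This is an added illustration, not NAVOCEANO's or Cray's code; the level names, user and host names, the `Level` ordering and the dictionary stand-in for the WAL are all constructed assumptions and do not reflect UNICOS's real configuration format.

```python
from dataclasses import dataclass
from enum import IntEnum


class Level(IntEnum):
    """MLS levels for the model; only the ordering matters (names constructed)."""
    UNCLASSIFIED = 0
    CLASSIFIED = 1


# Constructed stand-in for the Workstation Access List: which (user, host)
# pairs may use the channel, and with which services.
WAL = {
    ("fleet_analyst", "cray_high"): {"nfs"},
    ("low_side_user", "cray_low"): {"nfs"},   # listed, but see the label check
}

# The channel itself is labelled above the unclassified users, modelling the
# O/S modification the abstract describes.
CHANNEL_LEVEL = Level.CLASSIFIED


@dataclass(frozen=True)
class Export:
    host: str        # system exporting the data (the unclassified Cray here)
    level: Level     # label of the exported data
    read_only: bool  # how the file system was exported and mounted


# Constructed: the unclassified side exports its products read-only.
UNCLASS_EXPORT = Export(host="cray_low", level=Level.UNCLASSIFIED, read_only=True)


def nfs_access(user, host, subject_level, export, op):
    """Evaluate one NFS operation against the layered controls.

    Returns (allowed, reason). Checks run in the order the abstract layers
    them: WAL membership and service, channel label, then the read-only
    export and the MLS read/write rules.
    """
    if "nfs" not in WAL.get((user, host), set()):
        return False, "not in WAL for NFS"
    if subject_level < CHANNEL_LEVEL:
        return False, "channel labelled above subject"
    if op == "read":
        # Simple security property: read only at or below the subject's level.
        if subject_level >= export.level:
            return True, "read permitted"
        return False, "no read up"
    if op == "write":
        if export.read_only:
            return False, "export is read-only"
        # *-property: write only at or above the subject's level.
        if export.level >= subject_level:
            return True, "write permitted"
        return False, "no write down"
    return False, "unknown operation"


if __name__ == "__main__":
    cases = [
        ("fleet_analyst", "cray_high", Level.CLASSIFIED, UNCLASS_EXPORT, "read"),
        ("fleet_analyst", "cray_high", Level.CLASSIFIED, UNCLASS_EXPORT, "write"),
        ("low_side_user", "cray_low", Level.UNCLASSIFIED, UNCLASS_EXPORT, "read"),
        ("intruder", "cray_low", Level.CLASSIFIED, UNCLASS_EXPORT, "read"),
    ]
    for c in cases:
        print(c[0], c[4], "->", nfs_access(*c))
```

The last layer is worth noting: even if the export were mistakenly made writable, the *-property in `nfs_access` still refuses a write from the classified subject down to the unclassified export, which is why the abstract's design tolerates a single misconfiguration.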