Agenda Open VMS Strategy A note

Agenda

Open. VMS Strategy

A note about Open. VMS Security Testing

ITSEC Security Rating

Health Insurance Portability & Accountability Act of 1996 (HIPAA)

HIPAA Security Requirements Open. VMS White paper on HIPAA compliance can be found at http: //www. openvms. compaq. com/solutions/healthcare/hipaa. html

What is DII COE? http: //spider. osfl. disa. mil/cm/cm_page. html p: //www. openvms. compaq. com/solutions/government/coe/index. htm

Simulation HLA RTI Compliance

Security MUPs & Changes

Open. VMS 7. 2 MUP details

Q&A on Security MUPS & Changes.

System Services Overview

Security Thread Model before 7. 2 Profile Execution

Per-Thread Security Profile Model Profile Execution

Per-Thread Security: Compatibility

Security in Open. VMS V 7. 2 -1

NT Security Infrastructure View

Open. VMS 7. 3 Security Projects

LDAP V 3 in Open. VMS 7. 3

Cluster Wide Intrusion Detection

Why change intrusion detection?

CWID: What are the Differences?

Intrusion Detection example

Interface Changes

Kerberos VMS implementation

SSL

SSL Features

Open. SSL

ACME Login

The CDSA Solution CDSA defines a four-layer architecture for cross-platform, high-level security services CSSM defines a common API & SPI for security services and integrity base Service Providers implement selectable security services http: //developer. intel. com/ial/security/

CDSA Framework

CDSA Adopters

IPSEC support

Open. VMS Ebusiness Security direction

Kerberos for Open. VMS

Kerberos Agenda

Kerberos Authentication What’s in a name?

Authorization vs. Authentication

So what’s the problem?

So how can you solve the Remote Authentication problem?

How does Kerberos work? KDC Client Key Distribution Center TGS Ticket Granting Service Remote Host

Kerberos Components

VMS GUI KDC

VMS GUI User Features

A sample Kerberos Authentication Walkthrough KDC (HOST 2) 1 2 3 Remote Server (Host 3) 4 communications