topic Re: Is OpenVMS the most secure/stable OS around? in Operating System - OpenVMS

Is OpenVMS the most secure/stable OS around?

ngoht20 — Sat, 03 Feb 2007 04:23:58 GMT

Or is this just an old myth by system administrators?

I have read many articles that OpenVMS is so secure and stable that its used in many robust mission critical databases.

I dont know so I will ask the experts here.

Re: Is OpenVMS the most secure/stable OS around?

Robert Gezelter — Sat, 03 Feb 2007 05:19:11 GMT

ngoht20,

By many measures, OpenVMS is considered one of, if not the most, secure and stable OS platforms on the market.

The reasons for this are many. Some of them are architectural, and some of them are due to the nature of the team that implemented the product.

One easy to grasp example is the use of descriptors for strings and similar structures rather than the "C"ism of zero terminated strings. Thus, the cases of "buffer overflow" problems on OpenVMS have been mostly cases of code in an ancilliary application that was ported from another platform.

Another example is the use of privilege. There is a fine granularity of privilege on OpenVMS, which allows privileges to be doled out on a finely controlled basis. Many other systems either have a single privilege bit, or a culture that requires high level privileges for many things.

Another key concept is that OpenVMS security is designed for the most complex case from the beginning, and then can be scaled down in simpler situations. Many other security paradigms were designed for simple cases, and extended when the environment became more complex. Extended designs often have problems, and these security schemes are no exception.

This information is covered in more detail in Chapter 128 "OpenVMS Security" in the Handbook of Information Security, Volume II (Hossein Bidgoli, Ed., Wiley, 2006). The summary and brochure for this chapter are available online at http://www.rlgsc.com/hinfosec/hinfosec.html [I will admit that I wrote the chapter].

I hope that the above is helpful.

- Bob Gezelter, http://www.rlgsc.com
- Bob Gezelter, http://www.rlgsc.com

Re: Is OpenVMS the most secure/stable OS around?

Jan van den Ende — Sat, 03 Feb 2007 06:04:22 GMT

ngoht20,

Some time ago, in a COV discussion about VMS vs Unix security, Keith Cayemberg, an __IBM__ engeneer gave a summary of reasons WHY VMS is so much more secure.
I liked the compactness and reasonibg, so I still have it.

Re: Is OpenVMS the most secure/stable OS around?

Jan van den Ende — Sat, 03 Feb 2007 06:10:29 GMT

Oops, I hit "Summit" too quickly.

Another demonstration of the security was the Defcon-9 hackers conference. VMS proved to be so "cool & unhackable", that for next defcons they changed the rules and VMS was not allowed to enter again, because that would not be fun.
Google "defcon 9" for various stories about it.

Proost.

Have one on me.

jpe

Re: Is OpenVMS the most secure/stable OS around?

Robert Gezelter — Sat, 03 Feb 2007 06:55:00 GMT

Jan,

Perhaps a link to the COV posting to which you refer would be appropriate?

- Bob Gezelter, http://www.rlgsc.com

Re: Is OpenVMS the most secure/stable OS around?

Jan van den Ende — Sat, 03 Feb 2007 07:45:50 GMT

Okay Bob,

This should lead to the whole context of that discussion as well. It is rather a flame-war, but..

http://groups.google.com/group/comp.os.vms/browse_frm/thread/fc80a3ae19220c44/239fd44ffb5c7866?lnk=gst&q=%22keith+cayemberg%22+%26+DESCRIPTOR-based+&rnum=6&hl=en#239fd44ffb5c7866

Proost.

Have one on me.

jpe

Re: Is OpenVMS the most secure/stable OS around?

ngoht20 — Sat, 03 Feb 2007 08:51:45 GMT

Some people think that the DEFCON 9 OpenVMS team had its OpenVMS systems installed with a security software rather than just having the OS exposed to security threats by default.

Re: Is OpenVMS the most secure/stable OS around?

Robert Gezelter — Sat, 03 Feb 2007 13:37:43 GMT

ngoht20,

My recollection of the description of the system was that it did not have any special security software installed.

I will attempt to find the report of the DEFCON 9 episode and post the link later.

- Bob Gezelter, http://www.rlgsc.com

Re: Is OpenVMS the most secure/stable OS around?

ngoht20 — Sat, 03 Feb 2007 15:00:50 GMT

Great PLEASE!!!!! In the meantime I will Google for some info myself on it.

I would appreciate it.

I thought the team were using a security software to enhance the OS's security feature...

Re: Is OpenVMS the most secure/stable OS around?

Ian Miller. — Sat, 03 Feb 2007 15:10:14 GMT

VMS has security designed in not patched on afterwards.

Here are some references

Buffer Overflow (near) Immunity in OpenVMS - Google
http://groups.google.com/groups?selm=3C23EA72.48874137%40gce.com&oe=I... <>

What you should know about HP OpenVMS and Malicious Code - Google
http://groups.google.com/groups?selm=3f43d8fe%241%40usenet01.boi.hp.com

OpenVMS among most-secure of operating systems
http://www.openvms.org/stories.php?story=04/01/09/3843093

Hackers attempting BO in Installed Priv. SW - failed!
ftp://dahmer.vistech.net/upper-deck/octogens-bo-notes.txt

Maximum Security -- Ch 19 -- VAX/VMS
http://www.ods.com.ua/win/eng/security/Max_Security/ch19/ch19.phtml

OpenVMS HACK FAQ - html -- at a well-known OpenVMS Hacker Hangout.
http://vmsbox.cjb.net/VMS/vmsHackFAQ.txt

Hackin' it old school with VMS - Tutorial
http://neworder.box.sk/newsread.php?newsid=5424

Gordon Bell's CyberMuseum for Digital Equipment Corp (DEC)
http://research.microsoft.com/~gbell/Digital/DECMuseum.htm <>

PDP11 Architectural Enhancement Strategy
http://research.microsoft.com/~gbell/Digital/PDP11_Arch_Enhance_Strat... <>Enhance_Strategy_75.pdf>

VAX Strategy c1979.pdf (application/pdf Object)
http://research.microsoft.com/~gbell/Digital/VAX%20Strategy%20c1979.pdf <>tegy%20c1979.pdf>

20th anniversary of OpenVMS - OpenVMS at 20 Nothing Stops it (pdf 2.5MB)
http://h71000.www7.hp.com/openvms/20th/vmsbook.pdf

25th anniversary of OpenVMS
http://h71000.www7.hp.com/openvms/25th/index.html

Re: Is OpenVMS the most secure/stable OS around?

Ian Miller. — Sat, 03 Feb 2007 15:17:22 GMT

and for VMS at DEFCON the report from one who was there is at

http://www.vmsone.com/~opcom/defcon9.htm

Re: Is OpenVMS the most secure/stable OS around?

Ian Miller. — Sat, 03 Feb 2007 15:19:49 GMT

HP white papers

Achieving the highest levels of IT security with HP OpenVMS
http://h71028.www7.hp.com/ERC/downloads/4AA0-2896ENW.pdf

Are some RISC-Based Clusters More Secure Than Others?
http://h71000.www7.hp.com/openvms/whitepapers/TCS_2004.pdf

Enough references yet? - I can go on :-)

Re: Is OpenVMS the most secure/stable OS around?

ngoht20 — Sat, 03 Feb 2007 15:21:30 GMT

Ian Miller,

Thanks but I had already read that article...

And many many thanks to the great links above also...

Re: Is OpenVMS the most secure/stable OS around?

ngoht20 — Sat, 03 Feb 2007 15:30:54 GMT

So in conclusion to my thread topic here, would most people say that OpemVMS is the most or one of the most secure and stable opetating systems out there?

Re: Is OpenVMS the most secure/stable OS around?

John Travell — Sun, 04 Feb 2007 06:05:53 GMT

Reference DEFcon 9, YES, the VMS box there DID have some security related software in use, BUT...
The point that some people seem to miss is that this was security MONITORING software.
As I understand it, the PointSecure application in use will highlight any insecurities you may have introduced into the system (file protections, insecure passwords, etc,) but does NOTHING of itself to actually ENHANCE the built in security that VMS provides.
JT:

Re: Is OpenVMS the most secure/stable OS around?

John Travell — Sun, 04 Feb 2007 06:13:15 GMT

Sorry, I missed your last comment.
> So in conclusion to my thread topic here, would most people say that
> OpenVMS is the most or one of the most secure and stable operating
> systems out there?

Absolutely, YES. In truth, what else is there to compete ?
Certainly nothing from Microsoft. I doubt that any variant of Unix even comes close enough to truly be in the same game, even with all of the bolt-on security extras, let alone out of the box...

JT: (Self confessed VMS bigot)

Re: Is OpenVMS the most secure/stable OS around?

Anton van Ruitenbeek — Mon, 05 Feb 2007 09:11:33 GMT

ngoht20,

The only OS what is more secure is a not working system. This is nonbreakable and you can not login.
The next level of security is a system, not connected to any netwerk.
But OpenVMS is the far most secure system you can get connected to the netwerk. If you can not get to the box, you cant get in. Period !
But ofcourse, anything stands with the security of the persons who are using and configuring it.
I know sites who are using OpenVMS for security but don't know how to configure.
Whitout using SecureOpenVMS and follow the correct lines of common sence it is more secure then any other OS can come in the future. And ofcourse, this is plain out of the box and fully documented whithin OpenVMS itself. As whe say in our country: FREE .

As earlier mentioned, OpenVMS is written for security and not as all the other OS's written for speed and patched security somewhere in it. Or you can buy some of these features for these OS's to let the manager think it's save.

AvR

Re: Is OpenVMS the most secure/stable OS around?

Peter Quodling — Mon, 05 Feb 2007 23:26:35 GMT

The traditional reference point for security rating of systems used to be the US Department of Defense NCSC (NAtional Computer Security Council) Orange Book (Trusted Computer system Evaluation Criteria) (wiki it..)

It referred to multiple levels From the Basic D, through C2, and C1 where VMS and a few others sat, then to B3, B2 and B1 - a Secure Version of VMS (SEVMS) was released as a B1 product.

There was also a working prototype of an A1 system in ZKO in the early 90's. (That's 15 years ago, buckos).

This has been superceded by the "common Criteria", but I think HP don't bother with that anymore...

(I used to use OpenVMS Alpha workstations as firewalls. Left most of the unix solutions for dead...

As for stability. Call your local HP Office. Tell them that you want a five nines or 6 nines (99.999 or 99.9999% uptime) solution. They will get a VMS Specialist to talk to you. There are anecdotal stories at a Decus conference some years back of a vax-750 that had been running for 14 years without a crash, or any other failure...

Re: Is OpenVMS the most secure/stable OS around?

Jan van den Ende — Tue, 06 Feb 2007 06:46:05 GMT

Peter wrote a.o.

>>>
As for stability. Call your local HP Office. Tell them that you want a five nines or 6 nines (99.999 or 99.9999% uptime) solution. They will get a VMS Specialist to talk to you. There are anecdotal stories at a Decus conference some years back of a vax-750 that had been running for 14 years without a crash, or any other failure...
<<<

well, we are not there yet, but maybe we still make a decent example as well:

f$getsyi("cluster_ftime") = 13-apr-1997 11:35:50

Which means, in two months time we will celebrate 10 year uninterrupted uptime.

fwiw,

Proost.

Have one on me.

jpe

Re: Is OpenVMS the most secure/stable OS around?

Jerry Eckert — Tue, 06 Feb 2007 20:57:41 GMT

************
f$getsyi("cluster_ftime") = 13-apr-1997 11:35:50

Which means, in two months time we will celebrate 10 year uninterrupted uptime.
************

Our clusters haven't been up 10 years, but one just passed 5 years (20-Jan-2002) and another has been up since 21-Oct-2003. We have a standalone VAX 4105A that was last booted on 27-Sep-2001 -- 1958 days ago.

Honeywell's Multics is the only operating system I have used that was more secure than OpenVMS. It was the only commercially available system I am aware of that the U.S. Government certified for concurrent use by users at multiple security levels (Secret, Top Secret, etc.).

One interesting concept in Multics was that all "privileges" were controlled by access to the programs which implemented the privileged functions -- users or processes did not hold any privilege rights, per se. One could tell exactly who had access to any function by looking at the ACL on the program that performed that function.

There were 8 access levels (called rings): two privileged rings used by the system, two intermediate privilege rings that applications could use, the normal ring, and three less privileged rings that could be used for user-implemented limited subsystems. Data files as well as executable code had rings associated with them. Each file had three values that controlled which rings could read, write, and execute the data. This scheme protected sensitive data from being manipulated by untrusted users and also protected privileged code from untrusted data.

One example of the simplicity and flexibility of this scheme was the mail system. The mail data files were protected such that ring 4 (user mode) had read access; access to ring 3 was required to write the files. The only way for a user to execute in ring 3 was to run the mail utility, which had gates from ring 4 to ring 3 from the privileged routines.

To debug the code, the test mail files were created to allow both read and write access in ring 4. The gates were simply transfer vectors used to ensure that control was passed to the potentially privileged code at defined entry points; the target ring was determined by an external attribute of the file, and thus could be changed without modifying the code. Thus, the same code could be used for non-privileged testing or privileged production use with no modifications.