HPE Community
Operating System - HP-UX
1836796 Members
2505 Online
110110 Solutions
New Discussion

Re: Trusted and Non Trusted systems

 
SOLVED
Go to solution
AL_3001
Regular Advisor

‎08-31-2007 10:57 AM

‎08-31-2007 10:57 AM

Trusted and Non Trusted systems

Hi Friends,
Can you please provide me with basic knowledge of trusted and non- trusted systems as i am new to this. Thanks.
0 Kudos
10 REPLIES 10
whiteknight
Honored Contributor

‎09-01-2007 05:37 AM

‎09-01-2007 05:37 AM

Re: Trusted and Non Trusted systems


Ashish,

Please refer to Trusted System vs Non-Trusted system explanation

http://docs.hp.com/en/B2355-90121/ch01s03.html


WK
please assign points
Problem never ends, you must know how to fix it
0 Kudos
Steven E. Protter
Exalted Contributor

‎09-01-2007 06:44 AM

‎09-01-2007 06:44 AM

Re: Trusted and Non Trusted systems

Shalom,

Also note that HP has decided to obsolete the trusted system and replace it with another way of making a system more secure, available from http://software.hp.com . As yet, only available for HP-UX 11.31, hopefully to provide a migration path it will be ported to earlier, supported versions of the OS.

I like trusted systems and used them this way for years. Now, I'd be wary about continuing to use technology that HP has decided to no longer support.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Ivan Krastev
Honored Contributor

‎09-01-2007 08:22 AM

‎09-01-2007 08:22 AM

Re: Trusted and Non Trusted systems

I also suggest to take a look at this new product HP-UX Security Containment - http://h20293.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=SecurityExt


regards,
ivan
0 Kudos
doug hosking
Esteemed Contributor

‎09-01-2007 04:49 PM

‎09-01-2007 04:49 PM

Re: Trusted and Non Trusted systems

SEP, I think you will find that most of the features are also available in 11.23 if you get the right packages from software.hp.com.

Shadow password support is in the original 11.23. See also http://h20293.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=StdModSecExt

If there are specific features you depended on in trusted mode that don't seem to be available with this combination, please add comments here so HP can be aware of your concerns.

0 Kudos
Amit Parui
Valued Contributor

‎09-02-2007 06:30 PM

‎09-02-2007 06:30 PM

Solution

Re: Trusted and Non Trusted systems

The basic difference between a trusted and an untrusted system is the Auditing and Security part.
In an Untrusted system just go and check the /etc/passwd file and you will find some junk characters being shown in the password field whereas you will find an asterisk (*) in case of a trusted system. The password in that case is placed in /tcb/auth/a
There are many other features that are enabled in a trusted system like password aging, password sizing etc.

To brief up -

A trusted system is one that can be relied upon to perform correctly in two
important ways:
The system's operational features-in particular, its application interface|
work correctly and satisfy the computing needs of the system users.
The system's security features provide the mechanisms necessary to enforce
the site's security policy and provide protection from threats.

A security policy is a statement of the rules and practices that regulate how
an organization manages, protects, and distributes sensitive information.

I suppose i hv been quite clear in it !!!
If Life gives u a ROCK, its upto u to build a BRIDGE or a WALL !!!
0 Kudos
Amit Parui
Valued Contributor

‎09-02-2007 06:31 PM

‎09-02-2007 06:31 PM

Re: Trusted and Non Trusted systems

In the untrusted mode, HP-UX o ers the security mechanisms available in the
standard UNIX environment. When con gured in the trusted mode, HP-UX
provides additional security features such as a more stringent password and
authentication system, auditing, terminal access control, and time-base access
controls.
If Life gives u a ROCK, its upto u to build a BRIDGE or a WALL !!!
0 Kudos
Amit Parui
Valued Contributor

‎09-02-2007 06:32 PM

‎09-02-2007 06:32 PM

Re: Trusted and Non Trusted systems

In the untrusted mode, HP-UX offers the security mechanisms available in the
standard UNIX environment. When configured in the trusted mode, HP-UX
provides additional security features such as a more stringent password and
authentication system, auditing, terminal access control, and time-base access
controls.
If Life gives u a ROCK, its upto u to build a BRIDGE or a WALL !!!
0 Kudos
Amit Parui
Valued Contributor

‎09-02-2007 07:37 PM

‎09-02-2007 07:37 PM

Re: Trusted and Non Trusted systems

Hey Ashish,

U can also chk the following link for more info -
http://docs.hp.com/en/B2355-90121/B2355-90121.pdf
If Life gives u a ROCK, its upto u to build a BRIDGE or a WALL !!!
0 Kudos
Steven E. Protter
Exalted Contributor

‎09-02-2007 07:59 PM

‎09-02-2007 07:59 PM

Re: Trusted and Non Trusted systems

Thanks Doug for the heads up on 11.23.

Quite annoying its not offered on 11.11 in spite of the same end of life date. HP is pushing 11.23.

11.23 is mature enough to run with, even on PA-RISC.

I'd recommend the new product versus trusted system. Much of trusted system functionality is apparanetly built in.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
AL_3001
Regular Advisor

‎09-02-2007 10:03 PM

‎09-02-2007 10:03 PM

Re: Trusted and Non Trusted systems

Thanks a lot for your valuable inputs.
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.