UNIX(TM) SECURITY - TODAY and TOMORROW.

This is a talk prepared for the Digital Equipment Corporation (DEC) Users (DECUS) organization concerning the current state of security in the UNIX(TM) environment, plus trends and future plans for UNIX security. This talk will discuss the different forms and standards of operating system security. This talk will introduce the concepts of Trusted Computer System Evaluation Criteria (TCSEC) Operating System and Network Security measures as they can be related to UNIX, and their effect on users, performance, and security capability. This talk will then show how the TCSEC standards do not coincide with the research or development access and information sharing needs, but do work for banking, insurance, and government requirements. It will show how individual operating system,and network seurity must be combined into an overall system architecture security in order to obtain protection from system intrusion (crackers). This talk will then discuss what level and style of system and network security do coincide with research and development needs and how they could be instituted into a general system acceptable to other more stringent applications, like government. The talk will end with an introduction to the current plans for System V Release x (SVRx) and System V/Multi-Level Security (SV/MLS) systems and networking requirements (if allowed).