Access control mechanisms for a network operating system

The growing recognition of the need for computer system security has resulted in the design, development and installation of "patches," packages and even new operating systems intended to provide higher degrees of data and systems protection. With the increased utilization of computer networks and current developments in the area of network operating systems (NOSs)40,19,30 the requirements for security in networking environments are also coming under investigation. 26,42 While research and development are still ongoing in the NOS area, it is vital to ensure that requirements for the security and integrity of data are well specified and that mechanisms for achieving the needed levels of systems protection are included in the design of the NOS. This will ensure that subsequent production versions of NOSs incorporate such mechanisms-thus, charting a course away from the otherwise inevitable "retrofit security" situation. Military applications have been the source of much of the computer and communications security knowledge. However, what is cost-effective in enhancing systems security for a military application may impose an untenable burden on a commercial or public system. To assist the manager/ analyst in identifying appropriate security mechanisms, this paper identifies a set of access control capabilities which should be considered for inclusion within a general purpose NOS. Before identifying the actual mechanisms involved in enhancing NOS security, an NOS environment is briefly described. An overview of computer network security requirements is then provided and suggested approaches are referenced. The second section identifies the specific access control functions required by the type of network operating system described in the first section. The implementation of these access control mechanisms in the NBS Experimental Net-