HP OpenVMS Guide to System Security > Appendix C Running an OpenVMS System in a C2 Environment

Introduction to C2 Systems

  Table of Contents

  Glossary

  Index

This section describes the requirements for a C2 system and explains the documentation that the OpenVMS product provides to support such a system.

Definition of the C2 Environment

A C2 environment is one that meets the United States Defense Department's criteria for trusted computer systems and that contains only those hardware and software components of the trusted computing base (TCB) that were included in the government's evaluation of the OpenVMS operating system.

The criteria for C2 systems are defined in the Department of Defense Trusted Computer System Evaluation Criteria, published by the Department of Defense Computer Security Center (DOD 5200.28-STD). They include the following:

  • Access controls, which if used, can identify individual users as well as groups of users

  • User accountability through login procedures that clearly identify a user

  • Auditing of security-relevant events

  • Resource isolation so objects are erased before being reallocated

Documentation

The trusted facility manual is intended for the system administrator. The C2 trusted facility manual includes the following:

  • Chapters 5--13 and the appendixes of this manual

  • HP OpenVMS System Management Utilities Reference Manual, Audit Analysis utility section

  • OpenVMS AXP Version 6.1 Upgrade and Installation Manual

  • OpenVMS VAX Version 6.1 Upgrade and Installation Manual

  • OpenVMS AXP Version 6.1 Release Notes

  • OpenVMS AXP Version 6.1 Release Notes Addendum

  • OpenVMS VAX Version 6.1 Release Notes

  • OpenVMS VAX Version 6.1 Release Notes Addendum

Part I “Security Overview”See “Security Overview” on page 25 and Part II “Security for the User”“Security for the User” on page 39 of this guide constitute the security features user's guide and should be made available to all users.