Perhaps the world's first hack took place around 5,000 years agoafter the advent of the abacus, a tool many describe as theoriginal computer. The imagination can easily conjure up images ofa student performing calculations on the racks of sliding beads. Ashe turns his head for a moment, a fellow young scholar tiptoes byand moves a few beads around in jest, causing the other to re-starthis work from scratch. Had the student kept a watchful eye on hisabacus, it is likely his work in progress would have been safe fromthe playful intruder.

When Unix was developed in 1969, the thought of stepping out ofthe punch card era was much more romantic than the idea that peoplemight dedicate time to breaking into computer systems. But nowadaysoperating system security is more of an issue, as people trusttheir most confidential information to hard drives. And-even withfirewalls firmly in place-it is the OS that remains the front lineagainst intruders; holes in it can render even the most powerfulfirewall useless. We have to rely on operating systems to do mostof that work-and keep strangers' hands off the beads. Here's anoverview of the major presences in OS development and the ways theyaddress ever-changing security trends and consumer needs.

Unix

Because Unix was originally designed as a more-open operatingsystem, and thus there is widespread access to the source code ofmany of its “flavors,” anyone with the time can bang out code topatch holes and expose vulnerabilities. While that's been a boonfor programmers and hackers, large corporations want someaccountability for security. The various commercial distributionsof Unix-from Sun, HP, IBM, and others-were developed to meet thatdemand. (The same is true for Linux, the open-source Unix flavorthat has exploded in popularity. See the sidebar, “The LinuxAlternative.”)

Hewlett Packard first released HP-UX more than a decade ago. Nowat version 11i, it features security options from the IP levelinward. According to Ram Appalaraju, director of marketing forHP-UX, the OS is scalable, secure, manageable, and operable withWindows. “UX is standards-compliant architecture, so any Unixoperator can feel comfortable with it,” he said. “On the networklevel, all connections on the IP level are secure with full-levelintegration with any front-end system.”

HP-UX attained a C2 security rating; it supports discretionaryaccess control and accountability. C2 is a veritable standard forcommercial Unix systems because it allows the system or resourceowner to define which users can access information.

But what makes HP-UX unique is its intrusion detection. Sittingon top of the OS, it is designed to protect applications in the 11ienvironment. When an attempted intrusion or actual security breachis found, the system alerts its IT handlers by pager or other meansso they can respond to the break-in immediately.

HP-UX supports Internet Key Exchange (IKE), a managementprotocol standard used in harmony with IPSec-the IP SecurityProtocol. It provides robust authentication and encryption of IPpackets. While IPSec can be configured without IKE, IKE enhancesIPSec by providing additional features such as handling protocoland algorithm negotiation based on local policies, as well asgenerating encryption and authentication keys to be used byIPSec.

Other security considerations allow IT to maintain a maindirectory for users, and then offer directory-enabledauthentication for Unix and Windows users who need it. The LDAP-UXplug-in module, for example, is used for authenticating the latter.“We assume the world is not Unix-centric,” Appalaraju said, “sothis module is a framework for authenticating users from otherenvironments.”

Appalaraju said Unix is biggest in enterprise computing; hebelieves it was the dominant desktop OS five years ago, and as heput it, “has always been secure.”

Security is a strenuous process, according to Ravi Iyer, productline manager for Sun's Solaris, because it requires continuousauditing and accountability. He believes practices, products, andtools ultimately determine security.

Iyer said role-based access control is Solaris's standout. Bysegregating access based on users' business functions, people whoaccess the system only see what they must-and are permitted to.Like HP-UX, Solaris, now at version 8, features pluggableauthentication modules (PAM) to facilitate integration ofauthentication technologies such as smart cards, Kerberos, RSA, andothers into entry functions such as login, telnet, and FTP withoutmodifying those services. And Solaris incorporates Sendmailsolutions for electronic messaging security and control. As Iyerput it, “PAM allows access for layers of applications.”

Also available is the Solaris Security Toolkit, a freestandalone product that automates security processes based onquestions, and makes creating new systems less complicated bycloning existing attributes from other systems. “We understand thatsecurity is not a single deliverable product-it's a process,” Iyersaid, “so we provide tools separate from the OS to addressthat.”

According to Iyer, Solaris, built with discretionary accesscontrol, will benefit from future enhancements such as options forsecurity during install, and beefed up smart card support, roleaccess control, and security support tools. He also said Sun plansto build Solaris Security Toolkit functions into the OS.

Increased development of security tools and management optionsis a direct response to consumers. According to Bill Sandve, IBM'sdirector of Unix product management, people get nervous aboutsecurity because of its many aspects and meanings. He said IBM'sAIX platform responds by promoting trusted activities in a trustedenvironment.

AIX, now at version 4.3.3, features security enhancements suchas the Internet protocol security network packet filter, designedto restrict traffic to known sources inside a firewall, and theoptional IBM SecureWay Directory, for storing user IDs and reducingsecurity administration. A Sendmail upgrade with anti-spammingfeatures is also included.

“We aim to standardize security by building an infrastructurefor name mapping,” Sandve said. “It correlates an ID across the IBMserver environment to manage users.”

According to Sandve, the ideal scenario is a commoninfrastructure set that uses a standard application programinterface (API) to communicate with Windows and other Unixenvironments. He said trends suggest security policies are becomingmore centralized than ever before.

In hopes of addressing such trends, Sandve said IBM is workingon tools that help administrators set up hardened environments andallow them to configure security system defaults during theinstallation process. This includes Web-based, GUI-driven taskguides for simplified setup of VPNs, for example. IBM is alsoconsidering ways to leverage knowledge in the open sourcecommunity.

Windows

A paradigm difference between Microsoft Windows 2000 and otherenvironments such as Unix and Linux, according to Christopher Budd,security program manager at Microsoft's Security Response Center,is Microsoft's ability to integrate systems with management.(Windows XP Professional is taking over from Windows 2000 as thecurrent server-side version, although Microsoft still supports NT4.0.)

Built in software restriction functions allow administrators toblock access to certain applications based on a user's role. “Thismakes the system more intelligent,” Budd said. “Focusing on rolesmakes it possible for people to make integrated securitysystems.”

And with Active Directory, a centralizing solution,administrators can build and distribute group policies from onelocation to manage users and machines across the enterprise.“You're designing a computing environment for user and groups,”Budd explained. “You can keep data entry people in a small space orgrant lots of access to superusers.”

Microsoft has extended this methodology to apps bundled withWindows, including Outlook and Internet Explorer. Outlook 2000 canbe treated with the Outlook E-mail Security Update, and Explorerwith Internet Explorer Administration Kit, designed to help createuser environments. Both are intended to help administratorsincrease system manageability.

According to Budd, everything in Windows is checked againstcomprehensive and rigorous security models, ensuring that nothingcan bypass OS security. “Windows 2000 features complete securitysubsystems, so every process runs within the security context andhas associated permissions,” he said. “We have a comprehensivevision.”

No system can be completely secure. That said, the goal becomesmaking and keeping system intrusion more difficult. When choosingan OS, ask yourself: What is being protected? What is its value?What potential threats exist? Whatever your answers are, one thingis for sure: Ultimately, system security is yourresponsibility.

The Linux Alternative

Linus Torvalds released primordial versions of Linux in 1991. Inmaking the open-source kernel available on the Internet todevelopers, the OS Torvalds described as “just a hobby” would growinto a widely supported environment. And today, many commercialdevelopers stay true to the Linux genesis by embracing the opensource community.

Red Hat Linux, released in 1994 and now at version 7.1, bringsthe benefits of corporate backing-including new securityfeatures-to Linux. For example, system administrators can configurea firewall during the installation process, and can choose whichservices should be allowed by default.

According to Marty Wesley, Red Hat project manager,administrators can control access by user and group and on the filelevel, setting permissions for reading, writing, and executing.“This allows collaboration between users, but keeps the filesprivate,” he said.

Linux features IP Chains and IP Tables security types, which areresponsible for blocking connections on specified ports based onnetwork traffic rules and reviewing connection and machine states,respectively. But Linux's open-source nature is at least partlyresponsible for its security. With thousands of eyes watchingemerging code, an increased interest exists among developers toproduce secure material.

While Red Hat benefits from external developers, systemadministrators can take advantage of Red Hat Network, a plan inwhich they create system profiles, submit them to Red Hat, andautomatically receive new patches and upgrades.