The system is not able to boot, from hard disk or from any other device like
floppy, CD, or tape.
The system is able to boot from the hard disk only. This is the most
The system tries to boot from removable devices like floppy, CD, or tape. If
the system cannot find any removable boot device, then the diagnostic
software from the hard disk will be loaded.
AIX/6000 is designed to meet the National Computer Security Center
(NCSC) Trusted Computer System Evaluation Criteria (TCSEC) Class C2, with
additional support exceeding C2 for extended granular access control,
configurable identification and authentication, and system integrity checking
mechanisms. For the definition of the TCSEC security levels, see section 2.6.7,
“Security Evaluation Strategy” on page 88.
The security functions offered by AIX/6000 are:
Identification and Authentication
AIX uses standard password authentication. Encrypted passwords and other
security-relevant user information are kept in a directory that is not
accessible to ordinary users.
Access Control Lists (ACL)
AIX uses a combination of traditional UNIX mode bits and an Access Control
List (ACL) mechanism. An AIX ACL allows the user to restrict or permit
access for individual users, groups or combinations of users and groups.
The access permission bits (and the ACLs, if present) are modifiable only by
the owner of the file or directory.
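The following added example (not part of the original text) models how mode bits and extended ACL entries combine, including an entry that names a combination of a user and groups. The permit/deny/specify keywords and the rule that access is the union of permissions minus the union of restrictions are assumptions about AIX ACL semantics that this page does not spell out; all user and group names are constructed.

```python
from dataclasses import dataclass

def mode(s):
    """Turn an 'rwx'-style string such as 'rw-' into a bitmask (r=4, w=2, x=1)."""
    return sum(bit for ch, bit in zip(s, (4, 2, 1)) if ch != "-")

@dataclass
class Acl:
    owner: str
    group: str
    base: dict            # traditional mode bits per class: owner/group/others
    extended: list        # [(keyword, "rwx", ["u:name", "g:name", ...]), ...]
    enabled: bool = True  # extended permissions can be switched off as a whole

def ace_applies(ids, user, groups):
    # An entry listing several identifiers is a combination: every one must match.
    return all((i[:2] == "u:" and i[2:] == user) or
               (i[:2] == "g:" and i[2:] in groups) for i in ids)

def effective_access(acl, user, groups):
    """Return the rwx bitmask a process (user plus group set) gets on the object."""
    if user == acl.owner:
        cls = "owner"
    elif acl.group in groups:
        cls = "group"
    else:
        cls = "others"
    permitted, restricted = mode(acl.base[cls]), 0
    for keyword, bits, ids in (acl.extended if acl.enabled else []):
        if not ace_applies(ids, user, groups):
            continue
        m = mode(bits)
        if keyword in ("permit", "specify"):
            permitted |= m
        if keyword == "deny":
            restricted |= m
        elif keyword == "specify":
            restricted |= ~m & 7   # anything the entry does not name is refused
    return permitted & ~restricted & 7

# Constructed sample: file owned by frank:system with mode rw-r-----
SAMPLE = Acl("frank", "system", {"owner": "rw-", "group": "r--", "others": "---"}, [
    ("permit", "rw-", ["u:dhs"]),
    ("deny", "r--", ["u:chas", "g:system"]),
    ("specify", "r--", ["u:john", "g:gateway", "g:mail"]),
    ("permit", "rw-", ["g:account", "g:finance"])])

if __name__ == "__main__":
    print(effective_access(SAMPLE, "chas", {"system"}))  # deny removes group read
```

In this model a restriction always wins: john in gateway, mail, account and finance still gets read only, because the specify entry refuses write even though a permit entry grants it.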
Storage objects are objects that can be read from and written to by
non-privileged users and are accessed through kernel system calls. The
identified storage objects on AIX are filesystem objects, heap data (malloc'd
memory), a process's memory address space, shared memory segments
AIX has the capability of creating an audit trail of security-relevant events.
The auditable events are generated by preselection of user/event
combinations that can be configured by the system administrator. The audit
trail is kept (by default) in a directory that is not accessible by ordinary
All processes in AIX reside in their own address space. A non-privileged
process may not read or write outside of its own address space. Segment
registers, which define these address spaces, are modifiable only by the
kernel. Other, non-memory TCB resources are protected from unauthorized
access by discretionary access control.
Chapter 3. Platform Security 105