OpenVMS Security

Robert Gezelter, Software Consultant



Basis in Architecture

Implementation Techniques

Software Basis

Security-Specific Architecture

Traditional Protection/Ownership Hierarchy

Rights Identifiers

Reference Monitor Concept


Access Control Lists

Audit Server

U.S. Government Security Certification

Implementing Secure User Environments

Implicit Security

Application Programming Interfaces

File System Access

Network Access

Open Source Software




Cross References


Further Reading


OpenVMS is a system with a unique history. It has a system architecture designed to produce a high-efficiency, high-integrity environment. High-security operation is a direct consequence of these goals. Philosophically, this has been crucial to its success. Thus, OpenVMS avoids the vulnerabilities plaguing systems that do not have security and integrity as part of their initial design. This chapter begins with a full examination of OpenVMS architecture, followed by a detailed examination of its integral security-specific design and related features.

The original OpenVMS design was a combined hardware/software architecture project. The protection modes, memory management, and privileged instruction set of the VAX processor were designed with the collaboration of the operating system's engineering team.

This coengineering process produced an operating system with a unique character. The design blends the knowledge ...

Get Handbook of Information Security: Information Warfare, Social, Legal, and International Issues and Security Foundations, Volume 2 now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.