Mach is a multiprocessor operating system kernel and environment under development at Carnegie-Mellon University. Mach provides a new foundation for UNIX development that spans networks of uniprocessors and multiprocessors. This paper describes Mach and the motivations that led to its design. Also described are some of the details of its implementation and current status.
Computer security “incidents” occur with alarming frequency. The incidents range from direct attacks by both hackers and insiders to automated attacks such as network worms. Weak system controls are frequently cited as the cause, but many of these incidents are the result of improper use of existing control mechanisms. For example, improper access control specifications for key system files could open the entire system to unauthorized access. Moreover, many computer systems are delivered with default settings that, if left unchanged, leave the system exposed. This document discusses automated tools for testing computer system, a system manager can identify common vulnerabilities stemming from administrative errors. Using automated tools, this process may examine the content and protections of hundreds of files on a multi-user system administrators can significantly reduce their systems’ security exposure. Automated vulnerability testing tools are available for a wide variety of systems. Some tools are commercially available; others are available from other system administrators. Additional tools may be developed to address specific concerns for an organization’s computer systems. This document examines basic requirements for vulnerability testing tools and describes the different functional classes of tools. Finally, the document offers general recommendations about the selection and distribution of such tools.
Designers of cryptographic systems are at a disadvantage compared with most other engineers, in that information on how these systems fail is hard to get: their major users have traditionally been government agencies, which are very secretive about their mistakes. We present the results of a survey of the failure modes of retail banking systems, which constitute the next largest application of cryptology. It turns out that the threat model commonly used by cryptosystem designers was wrong: most frauds were not caused by cryptanalysis or other technical attacks, but by implementation errors and management failures. This suggests that a paradigm shift is overdue in computer security; we look at some alternatives, and see some signs that this shift may be under way.