Operating System Penetration

Get BibTex-formatted data

Author

Richard R. Linde

Entry type

inproceedings

Abstract

One of the favorite diversions of university students involves "beating" the system. In the case of operating systems, this has been a remarkably easy accomplishment An extensive lore of operating system penetration, ranging from anecdotes describing students who have outsmarted the teacher's grading program to students who captured the system's password list and posted it on one of the bulletin boards has been collected on college campuses. Private industry has been victimized much more seriously. Here the lore of the "system" penetrations contains scenarios involving the loss of tens of thousands of dollars. The Research and Development organization at SDC has been seriously involved with legitimate operating system penetration efforts. Under contract to government agencies and industry SDC has assessed the secure-worthiness of their systems by attemps to gain illegal access to their operating systems. As of this date, seven operating systems have been studied. This paper examines the successful penetration methodology employed and the generic operating system functional weaknesses that have been found. Recommendations are made for improvement that can strengthen the penetration methodology.

Date

1975

URL

http://delivery.acm.org/10.114 ... 4260&CFTOKEN=96003026

Institution

National Computer Conference

Key alpha

Linde

Publication Date

2001-01-01

BibTex-formatted data

To refer to this entry, you may select and copy the text below and paste it into your BibTex document. Note that the text may not contain all macros that BibTex supports.

@Inproceedings{ Linde,
	title = "Operating System Penetration",
	author = "Richard R. Linde",
	year = "1975",
	institution = "National Computer Conference",
	abstract = "One of the favorite diversions of university students involves "beating" the system.
In the case of operating systems, this has been a remarkably easy accomplishment
An extensive lore of operating system penetration, ranging from anecdotes describing
students who have outsmarted the teacher's grading program to students who captured
the system's password list and posted it on one of the bulletin boards has been
collected on college campuses. Private industry has been victimized much more seriously.
Here the lore of the "system" penetrations contains scenarios involving the loss of
tens of thousands of dollars.
The Research and Development organization at SDC has been seriously involved with
legitimate operating system penetration efforts. Under contract to government agencies
and industry SDC has assessed the secure-worthiness of their systems by attemps to
gain illegal access to their operating systems. As of this date, seven operating
systems have been studied. This paper examines the successful penetration methodology
employed and the generic operating system functional weaknesses that have been found.
Recommendations are made for improvement that can strengthen the penetration methodology.",
	url = "http://delivery.acm.org/10.1145/1510000/1500018/p361-linde.pdf?key1=1500018&key2=7609636421&coll=GUIDE&dl=GUIDE&CFID=42194260&CFTOKEN=96003026",
}