Security Test and Evaluation Tools: An Approach to Operating System Security Analysis,

Abstract

As a result of studies of the security characteristics of selected large operating systems, it has become increasingly evident that any complex operating system requires testing and evaluation in order to validate the functional characteristics of the system and verify claims of improved security safeguards. Furthermore, over the next decade, it is likely that new systems will be subject to continuous testing and evaluation in much the same fashion, and for the same purposes, as are existing systems. As yet, the techniques employed in determining the security characteristics of system software are presently quite primitive, based primarily upon the notion of penetration testing - manually examining system source materials for security vulnerabilities. This suggests the development and refinement of tools and techniques of operating system security analysis. Some of the more desirable characteristics of such tools are explored in this document, and several example tools are described.

Document Details

Document Type
Technical Report
Publication Date
Sep 01, 1974
Accession Number
ADA010969

Entities

People

  • Dennis Hollingworth
  • Marsha Hopwood
  • Steve Glaseman

Organizations

  • RAND Corporation

Tags

DTIC Thesaurus Topics

  • Computer Program Documentation
  • Materials
  • Operating Systems
  • Security
  • System Software
  • Test And Evaluation

Fields of Study

  • Computer science

Readers

  • Software Engineering
  • Software Engineering.
  • Strategic Security Studies