VISUALIZE Workstations

Interoperable Security for HP-UX and Windows NT Technical Workstations

By Scott Key
Solution Specialist...
Introduction

To provide integration and interoperability of engineering functions and information between HP-UX and Windows NT platforms, protection of resources and data must be assured. This secure engineering environment is most prevalent when an organization outsources engineering services for sub-components and processes.
Figure 1: Four Basic Security Concepts

Today’s technical and engineering environments often require security that operates at many levels across both Windows NT and UNIX systems. As more geographically dispersed collaboration is pursued in the cross-discipline approach to engineering, more concern is given to the ramifications for data security.
Figure 2: Collaborative Engineering Environment

An ideal security environment would be one that incorporates the security paradigms of both Windows NT and UNIX in a consistent and integrated fashion. For example, when a change in the access control or role-based model is made for a Windows NT or UNIX system, it is reflected in the other security systems.
network. This can lead to attempts to fool (e.g. spoofing) a system into believing an alternate identity for the intruding system. However, HP-UX has added a number of features that enhance its security capabilities. HP-UX provides for security level certification to Department of Defense (DOD) C2 on through B1.
Integration of Windows NT Security into the UNIX Environment

Security paradigms need to be consistent between Windows NT and UNIX as a way to help keep the total cost of ownership down. However, this requires a centralized approach to security administration that is pervasive across many systems. There are two fundamental security building blocks that are available (or soon will be) on UNIX and Windows NT.
Figure 3: A possible configuration for Windows NT & UNIX Security Protocol Integration

The current HP Praesidium framework is a family of security products that can provide cross-platform management from a centralized perspective, and addresses all four major aspects of security: authentication, authorization, data protection and non-repudiation. The current Praesidium family includes such items as Single Sign-On, Authorization Server, VirtualVault and others.
Figure 4: Praesidium Security Framework

If Windows NT does embrace Kerberos, the future will look better for security on both platforms. Kerberos will allow the integration of the forthcoming HP Public Key Infrastructure (PKI). This infrastructure is based on issuing a single highly trusted digital identity (public key certificate) to individual users.
secure access to the same data could be provided today, by using DFS (Distributed File System) and DCE on both systems, in conjunction with the mentioned security processes.

02/04/00 HP VISUALIZE WORKSTATIONS...