Solaris Trusted Extensions Installation and Configuration
Previous Next

Document Information

Preface

1.  Security Planning for Trusted Extensions

2.  Installation and Configuration Roadmap for Trusted Extensions

3.  Installing Solaris Trusted Extensions Software (Tasks)

4.  Configuring Trusted Extensions (Tasks)

5.  Configuring LDAP for Trusted Extensions (Tasks)

6.  Configuring a Headless System With Trusted Extensions (Tasks)

A.  Site Security Policy

Creating and Managing a Security Policy

Site Security Policy and Trusted Extensions

Computer Security Recommendations

Physical Security Recommendations

Personnel Security Recommendations

Common Security Violations

Additional Security References

B.  Using CDE Actions to Install Zones in Trusted Extensions

C.  Configuration Checklist for Trusted Extensions

Glossary

Index

Additional Security References

Government publications describe in detail the standards, policies, methods, and terminology associated with computer security. Other publications listed here are guides for system administrators of UNIXTM systems and are useful in gaining a thorough understanding of UNIX security problems and solutions.

The web also provides resources. In particular, the CERT web site alerts companies and users to security holes in the software. The SANS Institute offers training, an extensive glossary of terms, and an updated list of top threats from the Internet.

U.S. Government Publications

The U.S. government offers many of its publications on the web. The Computer Security Resource Center (CSRC) of the National Institute of Standards and Technology (NIST) publishes articles on computer security. The following are a sample of the publications that can be downloaded from the NIST site.

  • An Introduction to Computer Security: The NIST Handbook. SP 800-12, October 1995.

  • Standard Security Label for Information Transfer. FIPS-188, September 1994.

  • Swanson, Marianne and Barbara Guttman. Generally Accepted Principles and Practices for Securing Information Technology Systems. SP 800-14, September 1996.

  • Tracy, Miles, Wayne Jensen, and Scott Bisker. Guidelines on Electronic Mail Security. SP 800-45, September 2002. Section E.7 concerns securely configuring LDAP for mail.

  • Wilson, Mark and Joan Hash. Building an Information Technology Security Awareness and Training Program. SP 800-61, January 2004. Includes a useful glossary.

  • Grace, Tim, Karen Kent, and Brian Kim. Computer Security Incident Handling Guidelines. SP 800-50, September 2002. Section E.7 concerns securely configuring LDAP for mail.

  • Souppaya, Murugiah, John Wack, and Karen Kent. Security configuration Checklists Program for IT Products. SP 800-70, May 2005.

UNIX Security Publications

Chirillo, John and Edgar Danielyan. Sun® Certified Security Administration for SolarisTM 9 & 10 Study Guide. McGraw-Hill/Osborne, 2005.

Garfinkel, Simson, Gene Spafford, and Alan Schwartz. Practical UNIX and Internet Security, 3rd Edition. O'Reilly & Associates, Inc, Sebastopol, CA, 2006.

General Computer Security Publications

Brunette, Glenn M. and Christoph L. .. Toward Systemically Secure IT Architectures. Sun Microsystems, Inc, June 2005.

Kaufman, Charlie, Radia Perlman, and Mike Speciner. Network Security: Private Communication in a Public World, 2nd Edition. Prentice-Hall, 2002.

Pfleeger, Charles P. and Shari Lawrence Pfleeger. Security in Computing. Prentice Hall PTR, 2006.

Privacy for Pragmatists: A Privacy Practitioner's Guide to Sustainable Compliance. Sun Microsystems, Inc, August 2005.

Rhodes-Ousley, Mark, Roberta Bragg, and Keith Strassberg. Network Security: The Complete Reference. McGraw-Hill/Osborne, 2004.

Stoll, Cliff. The Cuckoo's Egg. Doubleday, 1989.

General UNIX Publications

Bach, Maurice J. The Design of the UNIX Operating System. Prentice Hall, Englewood Cliffs, NJ, 1986.

Nemeth, Evi, Garth Snyder, and Scott Seebas. UNIX System Administration Handbook. Prentice Hall, Englewood Cliffs, NJ, 1989.
Previous Next