This is one of a series of documents prepared as part of a project on computer security and privacy at the Institute for Computer Sciences and Technology of the National Bureau of Standards (now the NIST). This document is intended primarily for use by those who are responsible for managing and operating government data processing installations. It provides an understanding of the types of security problems that arise in current computer operating systems, and it suggests ways in which the security of these operating systems can be enhanced.
The document may also be of use to: (1) those engaged in the development of computer security techniques, (2) the manufacturers of computer systems and software, and (3) those responsible for managing and operating computer systems in the private sector.
This document concerns the security problems that arise in computer operating systems. In order to develop a balanced set of security safeguards, one should use it in conjunction with documents that treat other specific aspects of the security problem.