PENETRATING AN OPERATING SYSTEM - STUDY OF VM-370 INTEGRITY

A team of penetrator-analysts was formed to attempt to penetrate VM/370, with the objective of obtaining information to which they were not entitled, such as passwords or data that belonged to other users. Lesser goals were to acquire an unreasonably large share of resources in order to deny service to other users, and to obtain resources but escape accountability. The only tool that was available to the penetration team was a listing of the VM/370 operating system code. The method used in this study comprised the following steps: modeling the system control structure; flaw hypothesis generation; flaw hypothesis confirmation; and flaw generalization. Details of the methodology and results of penetration efforts are discussed. Input/output was found to be involved in most of the weaknesses discovered. Relative design simplicity was found to be the source of greatest protection against penetration efforts.