The Public Switched Network (PSN) provides National Security and Emergency Preparedness (NS/EP) telecommunications. Service vendors, equipment manufacturers, and the federal government are concerned that vulnerabilities in the PSN could be exploited and result in disruptions or degradation of service. To address these threats, NIST is assisting the Office of the Manager, National Communications System (OMNCS), in the areas of computer and network security research and development. NIST is investigating the vulnerabilities and related security issues that result from the use of open systems platforms, i.e., products based on open standards such as POSIX and OSI, in the telecommunications industry. This report is intended to provide information for the practicing programmer involved in development of telecommunications application software. In short, it provides answers to the question, "How do I build security into software based on open system platforms?" It is not intended to be tutorial in nature and assumes some knowledge of open systems and Unix. Many of the references cited are tutorial and may be used to obtain any background information required. |