ClearPath Mainframe Servers - Secure Systems
Secure by Design
Security is at the very core of Unisys ClearPath mainframes. In fact, the entire system has been designed from its very beginnings to offer the industry’s highest levels of security. By architecting the hardware, microcode, system software and compilers… together as a whole… with security as one of the main goals, Unisys has been able to deliver systems that provide secure business operations and massive throughput that’s not encumbered by software-only security solutions as are most of the other systems available today.
Security in the Architecture
If you’re already a ClearPath client, you probably know that security is at the core of these systems. In fact, security is designed into the architecture, the operating system and the database and communications structures of ClearPath systems. Their resistance to outside attacks is proven: No virus damage on any ClearPath mainframe has been reported by any of the independent agencies that track these events. ClearPath mainframes are resistant to viruses, worms and the introduction of damaging code to which other systems are vulnerable. Isolated Address SpacesClearPath hardware provides isolated address spaces that keep any one process from accessing the memory of another. This keeps your data private while significantly limiting any effects of bugs or attempted exploits.
Buffer Overflow Immunity
The architecture of MCP prevents any buffer overflows and damage they can cause – in several different ways. The MCP system instruction set uses an object identifier or “tag” on each word in memory to indicate the purpose (and thus constrain usage) of each memory word. All explicit data referencing is done through specially tagged words called descriptors.
These descriptors are created by the hardware and the operating system using instruction sequences unavailable to ordinary user code. Every reference to memory through a descriptor is checked both for the validity of the descriptor and that the reference is within the bounds of the memory area described. Thus conditions such as buffer overflow are detected by the hardware and blocked before the overflow even occurs.
During execution, object code is placed in memory and tagged so that it is not accessible (read or write) as data to the application program. That is, the application is not given any descriptor it can use to reference the area holding either its own code or that of another program.
Here’s another barrier. There’s also no mechanism to force execution of data as code. These gambits require that a rogue program generate code to be able to forge descriptors. But the descriptors available to the program code don’t allow code generation. So, the rogue is blocked, caught and reported.
Additionally, because code and data are kept in different “containers,” there isn’t any notion of “adjacency” that could be exploited to overwrite code – even if the hardware bounds checking allowed it. That is, there is no relationship at all between the memory addresses of a data buffer and an area containing executable code.
The machine instructions or instruction sequences that are able to construct and/or modify control words such as descriptors are designated “restricted” and aren’t generated for any user program. All compilers that Unisys certifies for use on ClearPath MCP servers provide this guarantee. Any compiler not supplied by Unisys must be certified by a system administrator, who then takes responsibility for its behavior.
All Components Are Secure
What’s more, every change to a critical component undergoes a security review by specially trained individuals. Commodity operating system software vendors have only recently recognized the need for this intense diligence. Our attention to careful implementation, enhancing an already-secure operating system, running on hardware designed with security in mind, gives ClearPath mainframes the ultimate security needed for your business-critical core applications and your secure business operations.
|
