IBM 10 SP1 EAL4 2.2.4 Security policy

Network services, such as ssh or ftp, involve client-server architecture and a network service-layer

protocol. The client-server model splits the software that provides a service into a client portion that makes

the request, and a server portion that carries out the request, usually on a different computer. The service

protocol is the interface between the client and server. For example, User A can log in at Host 1, and then use

ssh to log in to Host 2. On Host 2, User A is logged in from a remote host.

On Host 1, when User A uses ssh to log in to Host 2, the ssh client on Host 1 makes protocol requests to an

ssh server process on Host 2. The server process mediates the request on behalf of User A, carries out the

requested service, if possible, and returns the results to the requesting client process.

Also, note that the network client and server can be on the same host system. For example, when User B uses

user can use the graphical display provided as the console), or

2. By interacting directly with system through a session at a serial terminal, or

3. Through deferred execution of jobs using the cron and atd utilities.

A user must log in at the local system in order to access the protected resources of the system. Once a user is

authenticated, the user can access files or execute programs on the local computer, or make network requests

to other computers in the system.

The only subjects in the system are processes. A process consists of an address space with an execution

context. The process is confined to a computer; there is no mechanism for dispatching a process to run

remotely (across TCP/IP) on another host. Every process has a process ID (PID) that is unique on its local

host computer, but PIDs are not unique throughout the system. As an example, each host in the system has an