A Taxonomy of Security Faults in the Unix Operating System

Total Page:16

File Type:pdf, Size:1020Kb

A Taxonomy of Security Faults in the Unix Operating System ATAXONOMY OF SECURITY FAULTS IN THE UNIX OPERATING SYSTEM A Thesis Submitted to the Faculty of Purdue University by Taimur Aslam In Partial Fulllment of the Requirements for the Degree of Master of Science August ii This thesis is dedicated to my parents iii ACKNOWLEDGMENTS Iwould like to thank my thesis advisor Dr Eugene Spaord for guiding me through my reaserch Dr Spaord provided me the insight to tackle dierent problems read several drafts of the thesis and made invaluable comments I also thank him for b eing so patient and willing to work with myoddschedule I also thank my committee memb ers Dr AdityaMathur Dr Samuel Wagsta Dr Michal Young Dr William Gorman provided invaluable feedbacktoimprove the format of this thesis I am greatly indebted to myparents for their supp ort and encouragementover the years I would not have b een able to make it this far without their supp ort I am also grateful to my sister for her supp ort in so many dierentendeavors and for b eing a great friend I thank Dan Schikore Mark Crosbie Steve Lo din and Muhammad Tariq who pro ofread manuscripts of my thesis and made invaluable comments Thanks to all my friends and everyb o dy in the COAST lab who provided much needed supp ort and made sure that I maintained my sanity ThankstoFrank Wang for implementing the frontend to the database prototyp e This acknowledgementwould not b e complete without mentioning Sadaf and some vealways b een an inspiration to me very sp ecial p eople who ha This work was supp orted in part by gifts from Sun Microsystems Bell Northern Research and Hughes Research Lab oratories equipment loaned to the COAST group by the US Air Force and a contract with Trident Data Systems This supp ort is gratefully acknowledged THIS PAGE IS INTENTIONALLY LEFT BLANK iv TABLE OF CONTENTS Page LIST OF TABLES vii LIST OF FIGURES viii ABSTRACT ix An Overview of Software Testing Metho ds Provable Security and Formal Metho ds SecurityTesting Applications of Fault Categories Organization of the Thesis RELATED WORK Protection Analysis Pro ject RISOS Pro ject Flaw Hyp othesis Metho dology Case Study Penetration Analysis of the Michigan Terminal System Software Fault Studies Fault Categories Errors of T X E ATaxonomy of Computer Program SecurityFlaws yFault Classication Schemes Comparison of Securit ATAXONOMY OF SECURITY FAULTS IN THE UNIX OPERATING SYSTEM ATaxonomy of SecurityFaults Conguration Errors Examples Synchronization Errors Example Condition Validation Errors v Page Examples EnvironmentFaults Example Selection Criteria DESIGN OF THE VULNERABILITY DATABASE Motivation Entity Relation Mo del EntityAttributes Entity Relation Diagram EntityIntegrity Constraints Referential Integrity Constraints Op eration on the Relations Requirements Analysis Design Issues Database Kernel Representation of Relations Vulnerability Database Interface terface User In Integrity Constraints EntityIntegrity Constraints Referential Integrity Constraints Template Representation Data Sources Requirements Analysis Design Issues Database Kernel Representation of Relations Vulnerability Database Interface User Interface Integrity Constraints EntityIntegrity Constraints Referential Integrity Constraints Template Representation Data Sources SECURITY FAULT DETECTION TECHNIQUES Static Analysis Symbolic Testing Path Analysis and Testing vi Page Functional Testing Syntax Testing Mutation Testing Condition Validation Errors Boundary Condition Errors Input Validation Errors Access RightValidation Errors Origin Validation Errors Failure to Handle Exceptional Conditions Environment Errors Synchronization Faults Conguration Errors Summary CONCLUSIONS AND FUTURE WORK BIBLIOGRAPHY APPENDICES App endix A Description of Software Fault Studies App endix B ATaxonomyofUnixVulnerabilities vii LIST OF TABLES Table Page Percentage of Errors Detected Fault Categories by Rub ey Fault Categories byWeiss Comparative Results byPotier Bug Statistics by Beizer VulnerabilityEntityAttributes Op erating System EntityAttributes PatchInfoAttributes Vulnerability Database Interface Functions Op erations on Relations Vulnerability Database Interface Functions Comparison of Dierent Software Testing Metho ds App endix Table viii LIST OF FIGURES Figure Page A Conventional TaxonomyofSoftware Mo deling and Analysis Techniques Eort vs Testing Metho ds Relationship b etween Testing Metho ds and the Design Pro cess TaxonomyofFaults Selection Criteria for Fault Classication Entity Relation Diagram Referential Integrity Constraints Vulnerability Database Vulnerability Database Commands Screen Function Interface Help Window Vulnerability Database Vulnerability Database Commands Screen Function Interface Help Window App endix Figure ix ABSTRACT Taimur Aslam MS Purdue University August A Taxonomy of SecurityFaults in the Unix Op erating System Ma jor Professor Eugene H Spaord Security in computer systems is imp ortant to ensure reliable op eration and protect the integrity of stored information Faults in the implementation can b e exploited to breach security and p enetrate an op erating system These faults must b e identied detected and corrected to ensure reliability and safeguard against denial of service unauthorized mo dication of data or disclosure of information We dene a classication of security faults in the Unix op erating system Westate the criteria used to categorize the faults and present examples of the dierentfault typ es We present the design and implementation details of a database to store vulner ability information collected from dierent sources The data is organized according to our fault categories The information in the database can b e applied in static audit analysis of systems intrusion detection and fault detection We also identify and describ e software testing metho ds that should b e eective in detecting dierent faults in our classication scheme Security is dened relativetoapolicyandinvolves the protection of resources from accidental or malicious disclosure mo dication or destruction web Computer security can b e broadly categorized as Physical security Physical security is the protection of computer facilities against physical threats and environmental hazards It involves the use of lo cks identi cation badges guards p ersonnel clearances and other administrative measures to control the ability to approach communicate with or otherwise make use of any material or comp onent of a data pro cessing system A Information security Information security is the protection of data against acci dental or unauthorized destruction mo dication or disclosure It involves b oth physical security measures and controlled access techniques A Interest in computer security stemmed from protecting information related to matters of national security and grew as computers were used to store medical and nancial records of individuals and proprietary information for business organizations Zwa The security of a computer system is dened by security requirements and is implemented using a security p olicy The requirements vary according to the level of security desired Computer systems op erate with implicit trust the reliabilityof a computer system dep ends on the reliability of its comp onents The securityofa computer system thus involves security of its hardware and software comp onents The critical role played by op erating systems in the op eration of computer systems mak es them prime targets for malicious attacks An op erating system is p enetrated if an unauthorized user gains access to the system or if an authorized user causes a security breachby exploiting a aw in the source co de A total system penetration o ccurs when an unprivileged user gains the ability to execute privileged commands H A p enetration of a system can lead to one or more of the following conse quences Den BS Lin Denial of service Users may b e denied access to legitimate services Degradation of p erformance Performance can b e so p o or that the system is not usable Disclosure of information A user gains unauthorized access to protected infor mation Mo dication of data A user mo dies information in an unauthorized manner Security breaches result from op erational faults co ding faults or environment
Recommended publications
  • UNIX and Computer Science Spreading UNIX Around the World: by Ronda Hauben an Interview with John Lions
    Winter/Spring 1994 Celebrating 25 Years of UNIX Volume 6 No 1 "I believe all significant software movements start at the grassroots level. UNIX, after all, was not developed by the President of AT&T." Kouichi Kishida, UNIX Review, Feb., 1987 UNIX and Computer Science Spreading UNIX Around the World: by Ronda Hauben An Interview with John Lions [Editor's Note: This year, 1994, is the 25th anniversary of the [Editor's Note: Looking through some magazines in a local invention of UNIX in 1969 at Bell Labs. The following is university library, I came upon back issues of UNIX Review from a "Work In Progress" introduced at the USENIX from the mid 1980's. In these issues were articles by or inter- Summer 1993 Conference in Cincinnati, Ohio. This article is views with several of the pioneers who developed UNIX. As intended as a contribution to a discussion about the sig- part of my research for a paper about the history and devel- nificance of the UNIX breakthrough and the lessons to be opment of the early days of UNIX, I felt it would be helpful learned from it for making the next step forward.] to be able to ask some of these pioneers additional questions The Multics collaboration (1964-1968) had been created to based on the events and developments described in the UNIX "show that general-purpose, multiuser, timesharing systems Review Interviews. were viable." Based on the results of research gained at MIT Following is an interview conducted via E-mail with John using the MIT Compatible Time-Sharing System (CTSS), Lions, who wrote A Commentary on the UNIX Operating AT&T and GE agreed to work with MIT to build a "new System describing Version 6 UNIX to accompany the "UNIX hardware, a new operating system, a new file system, and a Operating System Source Code Level 6" for the students in new user interface." Though the project proceeded slowly his operating systems class at the University of New South and it took years to develop Multics, Doug Comer, a Profes- Wales in Australia.
    [Show full text]
  • Secure Telnet
    The following paper was originally published in the Proceedings of the Fifth USENIX UNIX Security Symposium Salt Lake City, Utah, June 1995. STEL: Secure TELnet David Vincenzetti, Stefano Taino, and Fabio Bolognesi Computer Emergency Resource Team Italy Department of Computer Science University of Milan, Italy For more information about USENIX Association contact: 1. Phone: 510 528-8649 2. FAX: 510 548-5738 3. Email: [email protected] 4. WWW URL: http://www.usenix.org STEL Secure TELnet David Vincenzetti Stefano Taino Fabio Bolognesi fvince k taino k b ologdsiunimiit CERTIT Computer Emergency Response Team ITaly Department of Computer Science University of Milan ITALY June Abstract Eavesdropping is b ecoming rampant on the Internet We as CERTIT have recorded a great numb er of sning attacks in the Italian community In fact sning is the most p opular hackers attack technique all over the Internet This pap er presents a secure telnet implementation whichhas b een designed by the Italian CERT to makeeavesdropping ineective to remote terminal sessions It is not to b e considered as a denitive solution but rather as a bandaid solution to deal with one of the most serious security threats of the moment Intro duction STEL stands for Secure TELnet We started developing STEL at the University of Milan when we realized that eavesdropping was a very serious problem and we did not like the freeware solutions that were available at that time It was ab out three years ago Still as far as we know e tapping problem and there are no really satisfying
    [Show full text]
  • Unix Security
    Unix Security Vulnerability Assessment Course All materials are licensed under a Creative Commons “Share Alike” license. ■ http://creativecommons.org/licenses/by-sa/3.0/ 2 Agenda ■ Why assess ■ Where are we in the process ■ What’s needed ■ Defining vulnerabilities ■ NIST 800-53A controls ■ Assessment Exercise ■ Security Exercise ■ Conclusion 3 Vulnerability Assessment ■ Provides the opportunity to address weaknesses before an enemy can exploit them ■ Implementation: Scanning tools that identify vulnerabilities in computer hardware, software, networks and operating systems ■ Common techniques – Multiple tools – one tool may not identify all vulnerabilities – Ability to identify backdoors security perimeter, e.g. modems, VPNs, etc. – all potential vulnerabilities need to be assessed – Correction verification mechanism – ability to check if vulnerability has been eliminated ■ Compliance with OMB, DOD, DHS policy – Utilize NIST 800-53 and 800-53A – DOD 8500 series 4 What’s Needed ■ Unix experience – Hands on experience: configuration, managing, building various Unix systems – Working knowledge of best practices ■ Security Experience – Intimate knowledge of how to secure a system – Prior experience with CIS Benchmark, DISA STIG/SRR ■ Data Collection – Network scans from NMAP and Nessus – Host output from any data collection tools ■ Other Skills – Need to work with administrators – Put vulnerability in their language – Be tedious while looking for vulnerabilities – Work well in a team 5 Defining Unix Vulnerability Assessment ■ Defining Unix Vulnerability Assessment – Unix Vulnerability Assessment – Unix Security Issues – Security Paradigm – System Hardening: The CIS Philosophy – Network Based Vulnerability Scanning – Host (Local) Vulnerability Scanning – Remote vs. Local Vulnerability Scanning – Common Problems and Issues – Mitigation 6 Unix Vulnerability Assessment ■ Definition – Examining the operating characteristics of a Unix environment remotely and locally in order to accurately assess its security posture (or profile).
    [Show full text]
  • Getting Started Computing at the Al Lab by Christopher C. Stacy Abstract
    MASSACHUSETTS INSTITUTE OF TECHNOLOGY ARTIFICIAL INTELLI..IGENCE LABORATORY WORKING PAPER 235 7 September 1982 Getting Started Computing at the Al Lab by Christopher C. Stacy Abstract This document describes the computing facilities at the M.I.T. Artificial Intelligence Laboratory, and explains how to get started using them. It is intended as an orientation document for newcomers to the lab, and will be updated by the author from time to time. A.I. Laboratory Working Papers are produced for internal circulation. and may contain information that is, for example, too preliminary or too detailed for formal publication. It is not intended that they should be considered papers to which reference can be made in the literature. a MASACHUSETS INSTITUTE OF TECHNOLOGY 1982 Getting Started Table of Contents Page i Table of Contents 1. Introduction 1 1.1. Lisp Machines 2 1.2. Timesharing 3 1.3. Other Computers 3 1.3.1. Field Engineering 3 1.3.2. Vision and Robotics 3 1.3.3. Music 4 1,3.4. Altos 4 1.4. Output Peripherals 4 1.5. Other Machines 5 1.6. Terminals 5 2. Networks 7 2.1. The ARPAnet 7 2.2. The Chaosnet 7 2.3. Services 8 2.3.1. TELNET/SUPDUP 8 2.3.2. FTP 8 2.4. Mail 9 2.4.1. Processing Mail 9 2.4.2. Ettiquette 9 2.5. Mailing Lists 10 2.5.1. BBoards 11 2.6. Finger/Inquire 11 2.7. TIPs and TACs 12 2.7.1. ARPAnet TAC 12 2.7.2. Chaosnet TIP 13 3.
    [Show full text]
  • Computer Network Security Protocols: a Review
    International Journal of Enhanced Research in Management & Computer Applications ISSN: 2319-7471, Vol. 5 Issue 1, January-2016 Computer Network Security Protocols: A Review Anil Kumar Programmer-Cum-Networking Engineer, Haryana Roadways, Transport Department, Govt of Haryana, India. ABSTRACT Network security is a complicated subject, historically only tackled by well-trained and experienced experts. However, as more and more people become ``wired'', an increasing number of people need to understand the basics of security in a networked world. This document was written with the basic computer user and information systems manager in mind, explaining the concepts needed to read through the hype in the marketplace and understand risks and how to deal with them. Keywords: Protocol, Security, Secure Socket Layer (SSL) and Transport Layer Security (TLS) Protocols; secure IP (IPSec); Secure HTTP (S-HTTP), secure E-mail (PGP and S/MIME), DNDSEC, SSH. 1. INTRODUCTION The rapid growth of the Internet as bothan individual and business communication channel has created a growing demand forsecurity and privacy in this electronic communication channel. Security and privacy are essential if individual communication is to continue ande-commerce is to thrivein cyberspace. The call for and desire for security and privacy has led to several security protocols and standards. Among these are: Secure Socket Layer (SSL) and Transport Layer Security (TLS) Protocols; secure IP (IPSec); Secure HTTP (S-HTTP), secure E-mail ( PGP and S/MIME), DNDSEC, SSH, and others. In this paper I discuss these protocols and standards within the framework of the network protocol stack as follow: Application Layer Transport Layer Network Layer Data Link Layer: PGP, SSL IPSec PPP S/MIME TLS VPN RADIUS S-HTTP TACACS+ HTTPS SET KERBEROS 2.
    [Show full text]
  • Unix Security Overview: 1
    CIS/CSE 643: Computer Security (Syracuse University) Unix Security Overview: 1 Unix Security Overview 1 User and Group • Users – root: super user (uid = 0) – daemon: handle networks. – nobody: owns no files, used as a default user for unprivileged operations. ∗ Web browser can run with this mode. – User needs to log in with a password. The encrypted password is stored in /etc/shadow. – User information is stored in /etc/passwd, the place that was used to store passwords (not anymore). The following is an example of an entry in this file. john:x:30000:40000:John Doe:/home/john:/usr/local/bin/tcsh • Groups – Sometimes, it is more convenient if we can assign permissions to a group of users, i.e. we would like to assign permission based on groups. – A user has a primary group (listed in /etc/passwd), and this is the one associated to the files the user created. – Any user can be a member of multiple groups. – Group member information is stored in /etc/group % groups uid (display the groups that uid belongs to) – For systems that use NIS (Network Information Service), originally called Yellow Page (YP), we can get the group information using the command ypcat. % ypcat group (can display all the groups and their members) 2 File Permissions • File Permissions – The meaning of the permission bits in Unix. ∗ Owner (u), Group (g), and Others (o). ∗ Readable (r), Writable (w), and Executable (x). ∗ Example: -rwxrwxrwx (777) • Permissions on Directories: – r: the directory can be listed. – w: can create/delete a file or a directory within the directory.
    [Show full text]
  • Evaluating UNIX Security Previous Screen Allen B
    84-01-15.1 Evaluating UNIX Security Previous screen Allen B. Lum Payoff The UNIX operating system's basic security features include password protection, access permission, user profiles, shell scripts, and file ownership. Because new and enhanced UNIX security features are continually being added to these features in response to the demands of an increasingly competitive user community, information security professionals must begin with an understanding of the basic UNIX security environment. This article covers the fundamental security features that can be found in most of the currently available versions of the UNIX operating system. Several checklists are included at the end of the article to assist administrators in ensuring the security of UNIX systems. Problems Addressed The UNIX operating system was originally developed for use by programmers within an open systems environment. The adoption of UNIX as a common operating system across several different platforms has increased the need for security beyond its original purpose. As a result, many UNIX installations have less than optimal security. In addition, there are several versions of UNIX on the market today with differing security features. This article discusses basic access controls (e.g., passwords) and directory and file permissions within the UNIX system. The concepts discussed are applicable to all versions of UNIX unless specifically noted otherwise. UNIX History As the majority of UNIX users know, UNIX was developed at AT Bell Laboratories in the late 1960s by Thompson and Ritchie; the name UNIXis a contraction of uni and multics. The original UNIX system software was written in the assembler language to run on the digital PDP-7 computer.
    [Show full text]
  • Allan Unix Newsletter
    allan Unix User Gro Newsletter ~folume 5 rnber 1 The Australian UNIX* Users Group Newsletter Volume V Number i CONTENTS Editorial 2 Survey Responses 2 New Newsletters 3 Next AUUG Meeting 3 Books 4 Book Review 6 Nets 8 AUNET Directory Ii Netnews 28 Clippings 34 Symposium on UNIX 38 Review of August 1983 AUUG Meeting 39 From the EUUG Newsletter 49 From ;login: 61 USENIX Technical Sessions at UNIFORUM 65 Letters 95 February 1984 AUUG Meeting Details 102 Copyright (c) 1984. AUUGN is the journal of the Australian UNIX User Group, Copying without fee is permitted provided that copies are not made or distributed for commercial advantage and credit to the source is given. Abstracting with credit is permitted, No other reproduction is permitted without the prior permission of the Australian UNIX User Group, * UNIX is a trademark of Bell Telephone Laboratories, AUUGN Vol V No i Editorial Do you have the feeling you have missed something in the last few years? Have your doors been blowing closed more often because you cannot find those old AUUGN issues? Well, have no fear, the editor who brought you volumes two and three has returned to bring you volume five. I would like to take this opportunity to apologise to all our regular subscribers for the problems they may have experienced in dealing with the editors of AUUGN during 1982 and 1983. Particular apologies must go to subscribers like the CSIRO, who paid for volume IV and received nothing. Well, enough of problems, on to the good stuff! In This Issue You will notice the appearance of a few new departments in this volume.
    [Show full text]
  • User-Level Window Managers for UNIX
    User-LevelWindowManagers for UNIX Robert J.K. Jacob NavalResearch Laboratory Washington, D.C. 20375 ABSTRACT Wm manages a collection of windows on a display terminal. Each windowhas its ownshell or other interactive program, running in parallel with those in the other win- dows. This permits a user to conduct several interactions with the system in parallel, each in its own window. The user can move from one windowtoanother,re-position a window, orcreate or delete a windowatany time without losing his or her place in anyof the windows. Windows can overlap or completely obscure one another; obscured win- dows can be "lifted" up and placed on top of the other windows. This paper describes howsuch a windowmanager for UNIX† is implemented as a set of user processes, without modifications to the UNIX kernel. It shows howthe sim- ple, but well-chosen facilities provided by the original (Version 6) UNIX kernel are suffi- cient to support wm.Inaddition, subsequent versions of wm exploit features of the kernel introduced into newer versions of UNIX to provide faster and more sophisticated window operations, still implemented entirely at the user level. Introduction This paper describes the design of a display windowmanager for UNIX implemented entirely as a set of user processes, without modifications to the UNIX kernel. It shows howthe simple facilities provided by the original (Version 6) UNIX kernel are sufficient to support such a windowmanager.Inaddition, more recent versions of the windowmanager exploit features of the kernel introduced into newer versions of UNIX to provide faster and more sophisticated operations in windows, still implemented entirely outside the kernel.
    [Show full text]
  • Storage Organization and Management in TENEX I. Introduction
    Storage Organization and Management in TENEX http://www.linique.com/dlm/tenex/fjcc72/ Storage Organization and Management in TENEX by Daniel L. Murphy Presented at the Fall Joint Computer Conference, 1972. Originally published in AFIPS Conference Proceedings Volume 41. I. Introduction In early 1969, BBN began an effort aimed at developing a new time-shared operating system. It was felt at the time that none of the commercially available systems could meet the needs of the research planned and in progress at BBN. The foremost requirement of the desired operating system was that it support a directly addressed process memory in which large list-processing computations could be performed. The cost of core storage prohibited the acquisition of sufficient memory for even one such process, and the problems of swapping such very large processes in a time-sharing environment made that solution technically infeasible as well. Paging was therefore the logical alternative, and our study and experience with list processing systems(1,2) led us to believe that using a demand-paged virtual memory system for such computations was a feasible approach. With demand paged process virtual memory added to our requirements, we found no existing system which could adequately meet our needs. Our approach was to take an existing system which was otherwise appropriate and add the necesary hardware to support paging. The system chosen was the DEC PDP-10 (3), which, although not paged, was available with a time-shared operating system and substantial support software. Consideration was given to modifying the existing PDP-10 operating system to support demand paging, but that approach was rejected because of the substantial amount of work which would be required, because of the inherent constraints imbedded in the architecture of any large system, and because development of a new operating system would allow the inclusion of a great many other features and facilities which were judged desirable.
    [Show full text]
  • NWG/RFC# 752 MRC 2-Jan-79 01:22 Nnnnn a Universal Host Table
    NWG/RFC# 752 MRC 2-Jan-79 01:22 nnnnn A Universal Host Table Network Working Group Mark Crispin Request for Comments 752 SU-AI NIC nnnnn 2 January 1979 A Universal Host Table ABSTRACT: The network host table in use at MIT and Stanford is described. This host table is superior to the NIC and Tenex host tables in several ways. A binary file, compiled from this host table, is also described. This file is used by subsystems on MIT's ITS and Stanford's WAITS timesharing systems for efficiency in host and network lookups. HISTORY: As with many other sites on the Arpanet, we found the NIC's host table unsuited to our needs. Part of the problem was because the NIC host table was often inaccurate and all too often failed to include several nicknames in common usage in our communities. In addition, the NIC host table's format was awkward for user programs to use, especially those which wanted to have the host table mapped into memory in some sort of structured binary form for efficient lookups. Finally, the NIC host table neglects to include some essential information. The ITS host table was originally designed to be compiled along with a network handling program (MIDAS, the PDP-10 assembler used, has a pseudo-op to insert a file into an assembly). In order to make the host table palatable to the assembler, every comment line began with a semicolon, and every actual data line began with the word HOST. Each program which used the host table defined HOST as an assembly macro before inserting the host table into the assembly.
    [Show full text]
  • Engineering Strategy Overview Preliminary
    March 1982 Engineering Preliminary Strategy Company Overview Confidential If.-t8···· L..4L ~ \:')' j.~.! / .;.' ' 1985 1990 1995 2000 - P,O S SIB L E DEC PRO Due T S - $lJOO cellular radio net discontinouous.100 word ~ lim! ted context HANDHELD speaker independent speaker independent $1.0K speech recogn. • sketchpad , interpretation Glata structures , ' & relat~onsh~ps object filing natural languaqe (invisible, protected structures) $40K I CAB I NET I ,4 (dedicated fixture) ~~~n limited context [:~~~~e~ ~~~:~~i:ti~n ~ ak rind pendent • voice ~tuate~ retrieval spe ~ e _ .. • te1econferenc1ng center cont1nued speechlrecogn~tion " ;., encryption associa tiveJparallel a;;;'e'los (, ..j." .---~ provide CAtt= ASSISTANT -------...--- .. • LIBRARlj\N ~ ?ertified "best match" retrieval ~ (secure) os (holographic? ) $650K BD 1/15/81 PRELIMINARY ENGINEERING STRATEGY OVERVIEW MARCH lYtil SECONIJ IJRAFT PRELIMINARY ENGINEERING STRATEGY OVERVIEW TABLE OF CONTENTS ,Preface Chapter I fhe Product Strategy and Transitioning to the Fifth Generation - Product Strategy Overview - The Transitions - Personal Computer Clusters, PCC, Are An Alternative to Timeshared Computers - The Product Strategy - Fifth and Sixth Computer Technology Generations - Uistributed Processing and Limits to Its Growth Chapter II Essays on the Criteria for Allocation of Engineering Resources - Overview, - Heuristics for Building Great Products, - Proposed Resource Allocation Criteria - UEC's Position in the VAN - Buyout Philosophy/Process/Criteria - Example of a "Make vs Buy" Analysis - Engineering Investment Sieve Chapter III Essays on Strategic Threats and Opportunities - Uverview, - Strategic Threats - Getting Organized in Engineering and Manufacturing to Face Our Future Competitors p - View of Competitors ---~,.~".~.-~ l f;t-1) IPrT Co?"! v. 7U/L, / IJ ...J - Te-Iecommunications Environment ) ;2f e-c.. - Competitive TeChnology Exercise, ltv • Chapter IV TeChnology Managers Committee Report ,MC- .
    [Show full text]