Found it online. Should have looked before clicking "SEND".
Here's the abstract:
-- tear here ---
Penetrating an operating system: a study of VM/370 integrity
by C. R. Attanasio, P. W. Markstein, R. J. Phillips
Discussed is a methodology for discovering operating system design flaws
as an approach to learning system design techniques that may make
possible greater data security. Input/output has been found to be
involved in most of the weaknesses discovered by a study team in a
particular version of the system. Relative design simplicity was found
to be the source of greatest protection against penetration efforts.
--- tear here --
You can find the article at this URL:
http://www.research.ibm.com/journal/sj/151/ibmsj1501H.pdf
-dan.
Daniel P. Martin wrote:
There's an article in the IBM Systems Journal, some time in the late
1970's, that discusses what amounts to a penetration test study of
that vintage of VM. If I recall correctly, the authors exposed some
interesting quirks in the I/O subsystem as the major exposure to
mischief.
I've got a copy of the article buried somewhere in my paper ephemera.
If you're interested and don't find a better source, I'll dig up the
publication info and can perhaps locate my copy of the article.
-dan.
Schuh, Richard wrote:
Does anyone know of a documented case of VM being penetrated by hackers?
Regards,
Richard Schuh
