Foreword

In the early part of my career, I attended a forum on information security convened by the Office of Technology Assessment for the United States Congress. As a cryptography researcher, I was expecting extensive technical discussion about encryption and digital signature algorithms. Instead, I was reminded that cryptographic algorithms played only a part in solving a bigger problem, one with multiple aspects represented by the various participants : how to make a full system secure.

HP NonStop Server Security again renews this perspective, and takes it one step further.

Cryptography researchers have identified many good design principles for algorithms, which have resulted in a number of remarkable algorithms over the years . Information security experts have likewise identified good design principles for secure systems.

To make a full system secure, however, administrators need more than good ideas. While there may be only a few algorithms in use, a system has many components and programs, and every component is a potential avenue for attack, morever, each component is unique. Administrators therefore need not only to know the principles, but also guidance on how to apply them in each situation.

HP NonStop Server Security provides that kind of information. Direct and concise , it provides readable advice on the key decisions in safeguarding the numerous components of the HP NonStop environment ”just the kind of approach that administrators can use to put security principles into practice.

HP NonStop Servers protect critical resources for organizations worldwide, so it is no surprise that they would be potential targets of attack. HP NonStop Server Security is a helpful addition to organizations' tools for managing these systems, and in their panoply in the continuing battle for information security.

Burt Kaliski RSA Laboratories Bedford, Massachusetts, USA
August 12, 2003