The TNI [NCSC-TG-005] describes a Network Trusted Computing Base (NTCB) as:
The totality of protection mechanisms within a network system---including hardware, firmware, and software---the combination of which is responsible for enforcing a security policy.
For NetWare Enhanced Security, the NTCB is distributed among multiple heterogeneous client and server NTCB partitions. The server NTCB partition contains the trusted hardware, firmware, and software that implement the security policies enforced by the server component.
Because untrusted software is not permitted on the server, the entire server is included in the server NTCB partition. The implications of this are:
Users access the server's protected resources by running application programs at client workstations. These applications send the following types of protocol messages to the server to request the server to perform specific services:
NCPTM (NetWare Core Protocol)TM |
NCP includes approximately 500 messages that provide connection services, file system services, messaging services, queue/print services, NDS services, etc. See Concepts. |
SMSP (Storage Management ServicesTM Protocol) |
SMSP is used by backup software to backup and restore the server's file system and NDS data. The evaluated server includes facilities to act as both an SMSP client (namely, SBACKUP) and SMSP server. Evaluated clients may include facilities to act as clients and/or servers. |
PSSCP (Print Server Status and Control Protocol) |
PSSCP is used by printer users and operators (at network clients) to control printing of the current print job. |
PCP (Printer Communications Protocol) |
PCP is used to configure printers, send print jobs to printers, and determine the printer status. In the NetWare Enhanced Security configuration, all network printers are connected to a server, and PCP is a server-to-server protocol. |