1. NCSC/Evaluate VMS/SE VMS 2. Document ACCPORNAM interface so all DIgital and 3rd party network code can use it. 3. expand it to handle general case or suggest easy workaround 4. Use it everywhere 5. Accounting changes to merge PSI accounting, support addition event record for device associations, include virtual, physical, and ACCPORNAM information 6. LOGINOUT interface for user authenticators 7. PSI: logging, audit, accounting, server acceess controls 8. Improve method of communicating Security Bugs & Fixes 9. improve granularity of VMS privileges 10. TCP/IP, NFS security support, interfaces available to 3rd party suppliers and CMU TCP/IP developers 11. ACLS based on true source machine for network logins [2^32 up to 2^64 machines, hard to list all of them by network id, not much smaller space] 12. ACL editor improvements 13. Security Managment improvements: An easy technique to manage large ACLs on specific directory trees. A method to force the use of a secific set of leading ACLs on a directory tree. 14. An efficient method that distinguishes off node accesses from WORLD accesses [NETWORK ace??] 15. Support for running without a UIC based directory or diskquota: eg: TMP/TMD problem MAIL, editor temporary file ownership problem spooled files problem 16. PROTECTED SUBSYSTEMS 17. IMPERSONATION SERVICES 18. Site specific logout command file/server [even given the lack of guarentee of execution in abnormal termination.] 19. Guarenteed Integrity of System Disk System Disk free of possibily classified data [ DSSA ? ] 20. Privilege Expiration 21. Replace USERNAME, PASSWORD prompts 22. hard PW expiration option [SYS$EXAMPLES:] 23. Audit MAIL (to, from, etc) 24. user problem alarms 25. user problem journalling 26. OUT OF BAND Terminal lock code (ala Securie server?) 27. True source machine for network connections [DSSA and non-DSSA nets] 28. pass info such as "dialin source" identifiers of various levels with network connection and NAS remote accesses. 29. DSSA defined