HP OpenVMS Systems Documentation

Content starts here

OpenVMS Programming Concepts Manual

Previous Contents Index

Chapter 31
31 Creating User-Written System Services
     31.1     Overview
     31.2     Writing a Privileged Routine (User-Written System Service)
     31.3     Creating a Privileged Shareable Image (VAX Only)
         31.3.1         Creating User-Written Dispatch Routines on VAX Systems
         31.3.2         Creating a PLV on VAX Systems
         31.3.3         Declaring Privileged Routines as Universal Symbols Using Transfer Vectors on VAX Systems
     31.4     Creating a User-Written System Service (Alpha Only)
         31.4.1         Creating a PLV on Alpha Systems
         31.4.2         Declaring Privileged Routines as Universal Symbols Using Symbol Vectors on Alpha Systems
Chapter 32
32 System Security Services
     32.1     Overview of the Operating System's Protection Scheme
     32.2     Identifiers
         32.2.1         Identifier Format
         32.2.2         General Identifiers
         32.2.3         System-Defined Identifiers
         32.2.4         UIC Identifiers
         32.2.5         Facility Identifiers
         32.2.6         Identifier Attributes
     32.3     Rights Database
         32.3.1         Initializing a Rights Database
         32.3.2         Using System Services to Affect a Rights Database
                Translating Identifier Values and Identifier Names
                Adding Identifiers and Holders to the Rights Database
                Determining Holders of Identifiers
                Determining Identifiers Held by a Holder
                Modifying the Identifier Record
                Modifying a Holder Record
                Removing Identifiers and Holders from the Rights Database
         32.3.3         Search Operations
         32.3.4         Modifying a Rights List
     32.4     Persona (Alpha Only1)
         32.4.1         Impersonation Services (Alpha Only)
                Using Impersonation System Services
         32.4.2         Per-Thread Security (Alpha Only)
                Previous Security Model
                Per-Thread Security Model
         32.4.3         Persona Extensions (Alpha Only)
     32.5     Managing Object Protection
         32.5.1         Protected Objects
         32.5.2         Object Security Profile
                Displaying the Security Profile
                Modifying the Security Profile
         32.5.3         Types of Access Control Entries
                Design Considerations
                Translating ACEs
                Creating and Maintaining ACEs
     32.6     Protected Subsystems
     32.7     Security Auditing
     32.8     Checking Access Protection
         32.8.1         Creating a Security Profile
         32.8.2         SYS$CHKPRO System Sevice
         32.8.3         SYS$CHECK_ACCESS System Service
     32.10     Implementing Site-Specific Security Policies
         32.10.1         Creating Loadable Security Services
                Preparing and Loading a System Service
                Removing an Executive Loaded Image
         32.10.2         Installing Filters for Site-Specific Password Policies
                Creating a Shareable Image
                Installing a Shareable Image
Chapter 33
33 Authentication and Credential Management (ACM) System Service
     33.1     Identification, Authentication, and Authorization
     33.2     ACME Subsystem Components
     33.3     SYS$ACM[W] Call Mechanics
         33.3.1         SYS$ACM[W] Function Codes
         33.3.2         SYS$ACM[W] Function Modifiers
         33.3.3         Status Returned by the SYS$ACM[W] System Service
                When the Return Status Indicates Failure
                When the Return Status Indicates Success
                        When the Primary Status Indicates an Item Code Failure
                        When the Primary Status is ACME$_OPINCOMPL
         33.3.4         Item Codes
                Common vs. ACME-Specific Item Codes
                Distinguishing Between Input and Output Item Codes
                Text vs. Nontext Items
                Single-Valued vs. Multivalued Item Semantics
         33.3.5         Item Lists
                Item List Chains
         33.3.6         The ACM Communications Buffer and Itemset
         33.3.7         Itemset Entries
         33.3.8         Synchronization of Your System Service Calls
     33.4     Authentication Techniques
         33.4.1         Nondialogue Mode Operation
         33.4.2         Dialogue Mode Operation
         33.4.3         Login Categories and Classes
         33.4.4         Principal Names
         33.4.5         Targeting Your System Service Calls
                DOI Names
                When to Use DOI_NAME vs. DOI_ID
                Looking Up DOI and ACME IDs
         33.4.6         Determining ACME Information with the Query Function
         33.4.7         Reporting an Event
     33.5     Authentication Scenarios
         33.5.1         Simple User Authentication
         33.5.2         Evaluating Status Codes
         33.5.3         Password Change Dialogue
         33.5.4         Reauthentication of Current User
         33.5.5         Manipulating Personas
         33.5.6         Using CREPRC on Behalf of a User
     33.6     Authentication Examples
         33.6.1         Example Using Nondialogue Mode (C)
         33.6.2         Example Using Dialogue Mode (Pascal)

Previous Next Contents Index