HP OpenVMS Systems Documentation

Content starts here

OpenVMS Guide to System Security

Begin Index

Contents (summary)
Preface Preface
Part I Security Overview
Chapter 1 Understanding System Security
Chapter 2 OpenVMS Security Model
Part II Security for the User
Chapter 3 Using the System Responsibly
Chapter 4 Protecting Data
Chapter 5 Descriptions of Object Classes
Part III Security for the System Administrator
Chapter 6 Managing the System and Its Data
Chapter 7 Managing System Access
Chapter 8 Controlling Access to System Data and Resources
Chapter 9 Security Auditing
Chapter 10 System Security Breaches
Chapter 11 Securing a Cluster
Chapter 12 Security in a Network Environment
Chapter 13 Using Protected Subsystems
Appendix A Assigning Privileges
Appendix B Protection for OpenVMS VAX System Files
Appendix C Running an OpenVMS System in a C2 Environment
Appendix D Alarm Messages


Preface Preface
Part I
Part I Security Overview
Chapter 1
1 Understanding System Security
     1.1     Types of Computer Security Problems
     1.2     Levels of Security Requirements
     1.3     Building a Secure System Environment
Chapter 2
2 OpenVMS Security Model
     2.1     Structure of a Secure Operating System
         2.1.1         Reference Monitor Concept
         2.1.2         How the Reference Monitor Enforces Security Rules
     2.2     Implementation of the Reference Monitor
         2.2.1         Subjects
         2.2.2         Objects
         2.2.3         Authorization Database
         2.2.4         Audit Trail
         2.2.5         Reference Monitor
         2.2.6         Authorization Database Represented as an Access Matrix
     2.3     Summary: System Security Design
Part II
Part II Security for the User
Chapter 3
3 Using the System Responsibly
     3.1     Choosing a Password for Your Account
         3.1.1         Obtaining Your Initial Password
         3.1.2         Observing System Restrictions on Passwords
     3.2     Knowing What Type of Password to Use
         3.2.1         Entering a System Password
         3.2.2         Entering a Secondary Password
     3.3     Password Requirements for Different Types of Accounts
     3.4     Types of Logins and Login Classes
         3.4.1         Logging In Interactively: Local, Dialup, and Remote Logins
         3.4.2         Logging In Using External Authentication
         3.4.3         Reading Informational Messages
         3.4.4         When the System Logs In for You: Network and Batch Logins
     3.5     Login Failures: When You Are Unable to Log In
         3.5.1         Using a Terminal That Requires a System Password
         3.5.2         Observing Your Login Class Restrictions
         3.5.3         Using an Account Restricted to Certain Days and Times
         3.5.4         Failing to Enter the Correct Password During a Dialup Login
         3.5.5         Knowing When Break-In Evasion Procedures Are in Effect
     3.6     Changing Your Password
         3.6.1         Selecting Your Own Password
         3.6.2         Using Generated Passwords
         3.6.3         Changing a Secondary Password
         3.6.4         Changing Your Password As You Log In
     3.7     Password and Account Expiration Times
         3.7.1         Changing an Expired Password
         3.7.2         Renewing an Expired Account
     3.8     Guidelines for Protecting Your Password
     3.9     Network Security Considerations
         3.9.1         Protecting Information in Access Control Strings
         3.9.2         Using Proxy Login Accounts to Protect Passwords
     3.10     Auditing Access to Your Account and Files
         3.10.1         Observing Your Last Login Time
         3.10.2         Adding Access Control Entries to Sensitive Files
         3.10.3         Asking Your Security Administrator to Enable Auditing
                Auditing File Access
                Additional Events to Audit
     3.11     Logging Out Without Compromising System Security
         3.11.1         Clearing Your Terminal Screen
         3.11.2         Disposing of Hardcopy Output
         3.11.3         Removing Disconnected Processes
         3.11.4         Breaking the Connection to a Dialup Line
         3.11.5         Turning Off a Terminal
     3.12     Checklist for Contributing to System Security
Chapter 4
4 Protecting Data
     4.1     Contents of a User's Security Profile
         4.1.1         Per-Thread Security
         4.1.2         Persona Security Block Data Structure (PSB)
         4.1.3         Previous Security Model
         4.1.4         Per-Thread Security Model
         4.1.5         User Identification Code (UIC)
                Format of a UIC
                Guidelines for Creating a UIC
                How Your Process Acquires a UIC
         4.1.6         Rights Identifiers
                Types of Identifiers
                Process and System Rights Lists
                Displaying the Rights Identifiers of Your Process
                How Rights Identifiers Appear in the Audit Trail
         4.1.7         Privileges
     4.2     Security Profile of Objects
         4.2.1         Definition of a Protected Object
         4.2.2         Contents of an Object's Profile
                Protection Code
                Access Control List (ACL)
         4.2.3         Displaying a Security Profile
         4.2.4         Modifying a Security Profile
         4.2.5         Specifying an Object's Class
         4.2.6         Access Required to Modify a Profile
     4.3     How the System Determines If a User Can Access a Protected Object
     4.4     Controlling Access with ACLs
         4.4.1         Using Identifier Access Control Entries (ACEs)
         4.4.2         Granting Access to Particular Users
         4.4.3         Preventing Users from Accessing an Object
         4.4.4         Limiting Access to a Device
         4.4.5         Limiting Access to an Environment
         4.4.6         Ordering ACEs Within a List
         4.4.7         Establishing an Inheritance Scheme for Files
         4.4.8         Displaying ACLs
         4.4.9         Adding ACEs to an Existing ACL
         4.4.10         Deleting an ACL
         4.4.11         Deleting ACEs from an ACL
         4.4.12         Replacing Part of an ACL
         4.4.13         Restoring a File's Default ACL
         4.4.14         Copying an ACL
     4.5     Controlling Access with Protection Codes
         4.5.1         Format of a Protection Code
         4.5.2         Types of Access in a Protection Code
         4.5.3         Processing a Protection Code
         4.5.4         Changing a Protection Code
         4.5.5         Enhancing Protection for Sensitive Objects
         4.5.6         Providing a Default Protection Code for a Directory Structure
         4.5.7         Restoring a File's Default Security Profile
     4.6     Understanding Privileges and Control Access
         4.6.1         How Privileges Affect Protection Mechanisms
         4.6.2         Using Control Access to Modify an Object Profile
         4.6.3         Object-Specific Access Considerations
     4.7     Auditing Protected Objects
         4.7.1         Kinds of Events the System Audits
         4.7.2         Enabling Auditing for a Class of Objects
         4.7.3         Adding Security-Auditing ACEs

Previous Next Contents Index