Chapter 4 Protecting Data

Table of Contents

Contents of a User's Security Profile

Per-Thread Security
Persona Security Block Data Structure (PSB)
Previous Security Model
Per-Thread Security Model
User Identification Code (UIC)
Rights Identifiers
Privileges

Security Profile of Objects

Definition of a Protected Object
Contents of an Object's Profile
Displaying a Security Profile
Modifying a Security Profile
Specifying an Object's Class
Access Required to Modify a Profile

How the System Determines If a User Can Access a Protected Object

Controlling Access with ACLs

Using Identifier Access Control Entries (ACEs)
Granting Access to Particular Users
Preventing Users from Accessing an Object
Limiting Access to a Device
Limiting Access to an Environment
Ordering ACEs Within a List
Establishing an Inheritance Scheme for Files
Displaying ACLs
Adding ACEs to an Existing ACL
Deleting an ACL
Deleting ACEs from an ACL
Replacing Part of an ACL
Restoring a File's Default ACL
Copying an ACL

Controlling Access with Protection Codes

Format of a Protection Code
Types of Access in a Protection Code
Processing a Protection Code
Changing a Protection Code
Enhancing Protection for Sensitive Objects
Providing a Default Protection Code for a Directory Structure
Restoring a File's Default Security Profile

Understanding Privileges and Control Access

How Privileges Affect Protection Mechanisms
Using Control Access to Modify an Object Profile
Object-Specific Access Considerations

Auditing Protected Objects

Kinds of Events the System Audits
Enabling Auditing for a Class of Objects
Adding Security-Auditing ACEs

This chapter extends the discussion of security design introduced in Chapter 2 “OpenVMS Security Model”. It describes how the operating system controls the way a user process or an application can access a protected object.

To summarize, the operating system controls access to any object that contains shareable information. These objects are known as protected objects. Devices, volumes, logical name tables, files, common event flag clusters, group and system global sections, resource domains, queues, capabilities, and security classes fall into this category. An accessing process carries credentials in the form of rights identifiers, and all protected objects list a set of access requirements specifying who has a right to access the object in a given manner.

This chapter:

Describes the types of identification the system assigns to processes to define their access rights to objects (“Contents of a User's Security Profile”)
Looks at the access controls that objects can hold (“Security Profile of Objects”)
Shows how the operating system processes access requests (“How the System Determines If a User Can Access a Protected Object”)
Explains how to control access to objects (Sections “Controlling Access with ACLs”, “Controlling Access with Protection Codes”, “Understanding Privileges and Control Access”, and “Auditing Protected Objects”)

Chapter 5 “Descriptions of Object Classes” describes the unique features of each class of protected object.

Chapter 4 Protecting Data

» Table of Contents

» Glossary

» Index