Part III Security for the System Administrator
» Table of Contents |  | | » Glossary | | | » Index | | |
| | |
| ||
| ||
The chapters in this part discuss the following topics:
Role of a security administrator (Chapter 6 “Managing the System and Its Data”)
Securing the system (Chapter 7 “Managing System Access”)
Securing data and resources (Chapter 8 “Controlling Access to System Data and Resources”)
Security auditing (Chapter 9 “Security Auditing”)
Responding to security breaches (Chapter 10 “System Security Breaches”)
Creating a secure cluster (Chapter 11 “Securing a Cluster”)
Considerations for networked systems (Chapter 12 “Security in a Network Environment”)
Setup and management of protected subsystems (Chapter 13 “Using Protected Subsystems”)
This part of the manual also includes information on the following topics:
User privileges and who may need them (Appendix A “Assigning Privileges”)
Default UIC-based protection of critical system files (Appendix B “Protection for OpenVMS System Files”)
Guidelines for operating in a C2 security environment (Appendix C “Running an OpenVMS System in a C2 Environment”)
Examples of security alarm messages (Appendix D “Alarm Messages”)
Table of Contents
- 6 Managing the System and Its Data
- 7 Managing System Access
- Defining Times and Conditions for System Access
- Assigning Appropriate Accounts to Users
- Using Passwords to Control System Access
- Enabling External Authentication
- Overriding External Authentication
- Impact on Layered Products and Applications
- Setting a New Password
- Case Sensitivity in Passwords and User Names
- User Name Mapping and Password Verification
- Password Synchronization
- Specifying the SYS$SINGLE_SIGNON Logical Name Bits
- Authentication and Credentials Management Extensions (ACME) Subsystem
- Controlling the Login Process
- 8 Controlling Access to System Data and Resources
- 9 Security Auditing
- Overview of the Auditing Process
- Reporting Security-Relevant Events
- Developing an Auditing Plan
- Methods of Capturing Event Messages
- Analyzing a Log File
- Managing the Auditing Subsystem
- Tasks Performed by the Audit Server
- Disabling and Reenabling Startup of the Audit Server
- Changing the Point in Startup When the Operating System Initiates Auditing
- Choosing the Number of Outstanding Messages That Trigger Process Suspension
- Reacting to Insufficient Memory
- Maintaining the Accuracy of Message Time-Stamping
- Adjusting the Transfer of Messages to Disk
- Allocating Disk Space for the Audit Log File
- Error Handling in the Auditing Facility
- 10 System Security Breaches
- 11 Securing a Cluster
- 12 Security in a Network Environment
- 13 Using Protected Subsystems
- A Assigning Privileges
- ACNT Privilege (Devour)
- ALLSPOOL Privilege (Devour)
- ALTPRI Privilege (System)
- AUDIT Privilege (System)
- BUGCHK Privilege (Devour)
- BYPASS Privilege (All)
- CMEXEC Privilege (All)
- CMKRNL Privilege (All)
- DIAGNOSE Privilege (Objects)
- DOWNGRADE Privilege (All)
- EXQUOTA Privilege (Devour)
- GROUP Privilege (Group)
- GRPNAM Privilege (Devour)
- GRPPRV Privilege (Group)
- IMPERSONATE Privilege (All) (Formerly DETACH)
- IMPORT Privilege (Objects)
- LOG_IO Privilege (All)
- MOUNT Privilege (Normal)
- NETMBX Privilege (Normal)
- OPER Privilege (System)
- PFNMAP Privilege (All)
- PHY_IO Privilege (All)
- PRMCEB Privilege (Devour)
- PRMGBL Privilege (Devour)
- PRMMBX Privilege (Devour)
- PSWAPM Privilege (System)
- READALL Privilege (Objects)
- SECURITY Privilege (System)
- SETPRV Privilege (All)
- SHARE Privilege (All)
- SHMEM Privilege (Devour)
- SYSGBL Privilege (Files)
- SYSLCK Privilege (System)
- SYSNAM Privilege (All)
- SYSPRV Privilege (All)
- TMPMBX Privilege (Normal)
- UPGRADE Privilege (All)
- VOLPRO Privilege (Objects)
- WORLD Privilege (System)
- B Protection for OpenVMS System Files
- C Running an OpenVMS System in a C2 Environment
- D Alarm Messages