HPlogo

HP Security Monitor/iX User's Guide: HP 3000 MPE/iX Computer Systems
» 

Technical documentation

Complete book in PDF
» Feedback

 » Table of Contents

 » Index

spacerspacerspacer
spacer
spacer
   
 

HP Part Number: 32650-90497

Edition: First Edition

Published: Printed in: U.S.A. April 1994

Table of Contents

Preface
1 Introduction
The HP Security Monitor/iX User's Guide
Physical Security
Procedural Security
System Security
Identification
Authentication
Authorization
Defining User Roles
The System Manager
The System Supervisor
The System Operator
The Account Manager
General Users
Security Policy
Components of the Account Structure
The Individual Account
Files
Standard Characteristics
Creating Naming Conventions
User Names
Group Names
File Names
Hierarchical file system (HFS)
HFS file names
HFS syntax
2 Accessing the System
Getting Started
To Log On
Guidelines for Selecting Passwords
Protecting Your System with Passwords
Changing Your Password
If Your Password Expires
Discussion
Effects of Expired User Passwords
Password Encryption
Discussion
Minimum Password Lengths
Mandatory Password Prompts
Discussion
Controlling System Access with Logon Restrictions
Terminating Sessions on Initial UDC Failure
Limiting the Number of Logon Attempts
Providing Minimal Logon Assistance
Dealing with Embedded Passwords in Remote Logons
Passwords in Batch Submissions
Embedded Passwords in Job Files
Restricting Job Cross Streaming
The Cross Streaming Authorization Option
Eliminating Password Exposure with the Stream Privilege Option
Stream Privilege Option Features
3 Protecting Your System with Access Control Definitions (ACDs)
Access Control Definitions (ACDs)
What is an ACD?
How do ACDs work
Access modes
User specifications
Required ACDs
HFS Object creation
HFS Object deletion
HFS File renaming
File owner
Appropriate Privilege
System manager capability
Account manager capability
Execute (X) Access
User Identification
SAVE access in MPE groups
CWD and File Security
The Maximum File Protection Option
ACD examples
Tasks Involving System Security
Listing ACDs
Listing ACDs for directories and files in directories
Changing access to HFS files and directories
Creating ACDs
Assigning ACDs
Adding an ACD Pair
Replacing an ACD Pair
Replacing ACDs
Modifying ACDs
Deleting ACDs
Copying ACDs
Copying Files That Have ACDs
4 Protecting Your Files with Capabilities, File Access Restrictions and Lockwords
File System Security Features
Capabilities
Account, Group, and User Capabilities
Listing Capabilities
Listing Group Capabilities
Capabilities Table
Account Librarian (AL)
Account Manager (AM)
Batch Access (BA)
Use Communications Software (CS)
Diagnostician (DI)
Extra Data Segments (DS)
Group Librarian (GL)
Interactive Access (IA)
Multiple RIN (MR)
Network Administrator (NA)
Node Manager (NM)
Use Nonshareable Devices (ND)
Use Mountable Volume Sets (UV)
Privileged Mode (PM)
Process Handling (PH)
Programmatic Sessions (PS)
Save User Files Permanently (SF)
System Manager (SM)
System Supervisor (OP)
Use User Logging Facility (LG)
Create Mountable Volume Sets (CV)
Restricting File Access
Access Modes
User Types
Specifying File Access Restrictions
Lockwords
Releasing and Securing File Security
Summary
A Error Messages
General Error Messages
ACD Related Error Messages
Index

List of Figures

1-1 Account Relationships
1-2 An Individual Account
1-3 Groups, Users, and Files
1-4 MPE/iX File System Example
4-1 Lockwords and Passwords

List of Tables

1-1 Where Accounts, Groups, Directories, and Files Can Be Located
1-2 Maximum Lengths of Account, Group, Directory, and File Names
1-3 Syntax Summary
3-1 File Access Modes
3-2 User Categories
4-1 Capability Assignments
4-2 File Access Modes
4-3 User Types
4-4 Default File Access Restrictions
   


Preface  
Feedback to webmaster