[OpenVMS documentation]
[Site home] [Send comments] [Help with this site] [How to order documentation] [OpenVMS site] [Compaq site]
Updated: 11 December 1998

OpenVMS Guide to System Security


Previous Contents Index

Chapter 5
5 Descriptions of Object Classes
     5.1     Capabilities
         5.1.1         Naming Rules
         5.1.2         Types of Access
         5.1.3         Template Profile
         5.1.4         Kinds of Auditing Performed
         5.1.5         Permanence of the Object
     5.2     Common Event Flag Clusters
         5.2.1         Naming Rules
         5.2.2         Types of Access
         5.2.3         Template Profile
         5.2.4         Privilege Requirements
         5.2.5         Kinds of Auditing Performed
         5.2.6         Permanence of the Object
     5.3     Devices
         5.3.1         Naming Rules
         5.3.2         Types of Access
         5.3.3         Access Requirements for I/O Operations
         5.3.4         Template Profile
         5.3.5         Setting Up Profiles for New Devices
         5.3.6         Privilege Requirements
         5.3.7         Kinds of Auditing Performed
         5.3.8         Permanence of the Object
     5.4     Files
         5.4.1         Naming Rules
         5.4.2         Types of Access
         5.4.3         Access Requirements
         5.4.4         Creation Requirements
         5.4.5         Profile Assignment
             5.4.5.1             Rules for Assigning Ownership
             5.4.5.2             Rules for Assigning a Protection Code and ACL
             5.4.5.3             Using the COPY and RENAME Commands
         5.4.6         Kinds of Auditing Performed
         5.4.7         Protecting Information When Disk Space Is Reassigned
             5.4.7.1             Overwriting Disk Blocks
             5.4.7.2             Setting a High-water Mark
             5.4.7.3             Accessibility of Data in a File
         5.4.8         Suggestions for Optimizing File Security
     5.5     Global Sections
         5.5.1         Naming Rules
         5.5.2         Types of Access
         5.5.3         Template Profile
         5.5.4         Privilege Requirements
         5.5.5         Kinds of Auditing Performed
         5.5.6         Permanence of the Object
     5.6     Logical Name Tables
         5.6.1         Naming Rules
         5.6.2         Types of Access
         5.6.3         Template Profile
         5.6.4         Privilege Requirements
         5.6.5         Kinds of Auditing Performed
         5.6.6         Permanence of the Object
     5.7     Queues
         5.7.1         Naming Rules
         5.7.2         Types of Access
         5.7.3         Template Profile
         5.7.4         Privilege Requirements
         5.7.5         Kinds of Auditing Performed
         5.7.6         Permanence of the Object
     5.8     Resource Domains
         5.8.1         Naming Rules
         5.8.2         Types of Access
         5.8.3         Template Profile
         5.8.4         Privilege Requirements
         5.8.5         Kinds of Auditing Performed
         5.8.6         Permanence of the Object
     5.9     Security Classes
         5.9.1         Naming Rules
         5.9.2         Types of Access
         5.9.3         Template Profile
         5.9.4         Kinds of Auditing Performed
         5.9.5         Permanence of the Object
     5.10     Volumes
         5.10.1         Naming Rules
         5.10.2         Types of Access
         5.10.3         Template Profile
         5.10.4         Privilege Requirements
         5.10.5         Kinds of Auditing Performed
         5.10.6         Permanence of the Object
Part III
Part III Security for the System Administrator
Chapter 6
6 Managing the System and Its Data
     6.1     Role of a Security Administrator
     6.2     Site Security Policies
     6.3     Tools for Setting Up a Secure System
     6.4     Account Requirements for a Security Administrator
     6.5     Training the New User
     6.6     Logging a User's Session
     6.7     Ongoing Tasks to Maintain a Secure System
Chapter 7
7 Managing System Access
     7.1     Defining Times and Conditions for System Access
         7.1.1         Restricting Work Times
         7.1.2         Restricting Modes of Operation
         7.1.3         Restricting Account Duration
         7.1.4         Disabling Accounts
         7.1.5         Restricting Disk Volumes
         7.1.6         Marking Accounts for External Authentication
     7.2     Assigning Appropriate Accounts to Users
         7.2.1         Types of System Accounts
             7.2.1.1             Interactive Account Example
             7.2.1.2             Limited-Account Example
         7.2.2         Privileged Accounts
         7.2.3         Interactive Accounts
         7.2.4         Captive Accounts
             7.2.4.1             Setting Up Captive Accounts
             7.2.4.2             Guidelines for Captive Command Procedures
         7.2.5         Restricted Accounts
         7.2.6         Automatic Login Accounts
         7.2.7         Guest Accounts
         7.2.8         Proxy Accounts
         7.2.9         Externally Authenticated Accounts
     7.3     Using Passwords to Control System Access
         7.3.1         Types of Passwords
             7.3.1.1             Primary Passwords
             7.3.1.2             System Passwords
             7.3.1.3             Secondary Passwords
             7.3.1.4             Console Passwords
             7.3.1.5             Authentication Cards
         7.3.2         Enforcing Minimum Password Standards
             7.3.2.1             Expiring Passwords
             7.3.2.2             Enforcing Change of Expired Password
             7.3.2.3             Requiring a Minimum Password Length
             7.3.2.4             Generated Passwords
             7.3.2.5             Site Password Algorithms
         7.3.3         Screening New Passwords
             7.3.3.1             System Dictionary
             7.3.3.2             History Lists
             7.3.3.3             Site-Specific Filters
         7.3.4         Password Protection Checklist
     7.4     Enabling External Authentication
         7.4.1         Overriding External Authentication
         7.4.2         Setting a New Password
         7.4.3         Case Sensitivity in Passwords and User Names
         7.4.4         User Name Mapping and Password Verification
         7.4.5         Password Synchronization
         7.4.6         Specifying the SYS$SINGLE_SIGNON Logical Name Bits
     7.5     Controlling the Login Process
         7.5.1         Informational Display During Login
             7.5.1.1             Announcement Message
             7.5.1.2             Welcome Message
             7.5.1.3             Last Login Messages
             7.5.1.4             New Mail Announcements
         7.5.2         Limiting Disconnected Processes
         7.5.3         Providing Automatic Login
         7.5.4         Using the Secure Server
         7.5.5         Detecting Intruders
         7.5.6         Understanding the Intrusion Database
             7.5.6.1             How Intrusion Detection Works
             7.5.6.2             Setting the Exclusion Period
             7.5.6.3             System Parameters Controlling Login Attempts
         7.5.7         Security Server Process


Previous Next Contents Index

[Site home] [Send comments] [Help with this site] [How to order documentation] [OpenVMS site] [Compaq site]
[OpenVMS documentation]

Copyright © Compaq Computer Corporation 1998. All rights reserved.

Legal
6346PRO_CONTENTS_001.HTML