[OpenVMS documentation]
[Site home] [Send comments] [Help with this site] [How to order documentation] [OpenVMS site] [Compaq site]
Updated: 11 December 1998

OpenVMS Guide to System Security


Previous Contents Index

P
Paper shredders
Password generators
    obtaining initial password
    when to require
Password grabber programs #1
Password grabber programs #2
Password grabber programs #3
    catching with auditing ACEs
Password protection #1
Password protection #2
Password synchronization
Passwords
    acceptable
    automatically generated #1
    automatically generated #2
    avoiding detection #1
    avoiding detection #2
    avoiding detection #3
    chances to supply during dialups
    changing #1
    changing #2
        at login
        expired
        frequency guidelines
        secondary
        using /NEW_PASSWORD qualifier
    cluster membership management
    console
        C2 system requirements
    console passwords
    dialup retries #1
    dialup retries #2
    dual #1
    dual #2
    eliminating for networks
    encoding
    encryption algorithms
    expiration #1
    expiration #2
    expiration #3
    expiration time
    failure to change
    first
    forced change #1
    forced change #2
    format
    generated #1
    generated #2
    generated #3
    guessing
    history list
    how to preexpire
    incorrect
    initial #1
    initial #2
    length #1
    length #2
    length #3
    lifetime of #1
    lifetime of #2
    locked #1
    locked #2
    locked #3
    minimum length #1
    minimum length #2
    minimum length #3
    multiple systems and
    new
    null as choice for captive account
    open accounts and
    password grabber programs
    primary #1
    primary #2
    primary #3
    primary passwords
    proxy logins
    reason for changing #1
    reason for changing #2
    receive
    restrictions #1
    restrictions #2
    reuse
    risky
    routing initialization
    screening
        against dictionary
        against history list
        with site-specific filter
    secondary #1
    secondary #2
        changing
        changing expired
        entering
    secondary passwords
    secure
    secure choices for
    secure terminal servers and
    sharing #1
    sharing #2
    system #1
    system #2
    system #3
        dictionary
    transmit
    types
    uniqueness for each account
    user #1
    user #2
    user guidelines
    verifying change of
    when account is created
    when to change
Performance
    ACL length and
    high-water marking and
    security-auditing impact
PFMGBL privilege
PFNMAP privilege #1
PFNMAP privilege #2
PHONE objects
Physical I/O access
Physical security
    C2 systems and
    encrypting files
    restricting system access
    violation indicators
    when logging out #1
    when logging out #2
PHY_IO privilege #1
PHY_IO privilege #2
PIPE command
    impact on subprocess auditing events
PIPE subprocess
    analyzing audit messages
Port
    terminal
/PRCLM qualifier in AUTHORIZE
Primary passwords
/PRIMEDAYS qualifier, example
Printers
    C2 systems and
    default security elements
Privilege requirements
    common event flag clusters
    devices
    global sections
    logical name tables
    queues
    resource domains
    volumes
Privileged accounts #1
Privileged accounts #2
Privileges
    ACNT
    affecting object access
    All category #1
    All category #2
    ALLSPOOL
    ALTPRI
    AUDIT
    auditing use of #1
    auditing use of #2
    authorized process #1
    authorized process #2
    BUGCHK
    BYPASS #1
    BYPASS #2
    BYPASS #3
    BYPASS #4
    BYPASS #5
    bypassing ACLs
    bypassing protection codes
    captive accounts and
    categories of #1
    categories of #2
    CMEXEC
    CMKRNL
    default process #1
    default process #2
    definition
    DETACH
    Devour category #1
    Devour category #2
    DIAGNOSE
    disabling
    DOWNGRADE
    enabling through SETPRV
    EXQUOTA
    file sharing and
    GROUP #1
    GROUP #2
    Group category #1
    Group category #2
    GRPNAM #1
    GRPNAM #2
    GRPPRV #1
    GRPPRV #2
    GRPPRV #3
    GRPPRV #4
    GRPPRV #5
    GRPPRV #6
    GRPPRV #7
    IMPERSONATE
    IMPORT
    influence on object access
    LOG_IO
    MOUNT
    NETMBX
    network requirements
    Normal category #1
    Normal category #2
    Objects category #1
    Objects category #2
    OPER #1
    OPER #2
    PFNMAP
    PHY_IO
    PRMCEB
    PRMGBL
    PRMMBX
    process
    PSWAPM
    READALL #1
    READALL #2
    READALL #3
    recommendations for different users
    related to group UIC
    reporting use with $CHECK_PRIVILEGE
    SECURITY
    security administrator requirements
    SET PROCESS/PRIVILEGES
    SETPRV
    SHARE
    SHMEM
    storage in UAF record
    summary of #1
    summary of #2
    SYSGBL
    SYSLCK
    SYSNAM
    SYSPRV #1
    SYSPRV #2
        controlling access through
        effect on protection mechanisms
        giving rights of system user
        tasks requiring
    System category
    TMPMBX
    trusted users and
    UAF records and
    untrusted users and
    UPGRADE
    VOLPRO
    WORLD
PRMCEB privilege #1
PRMCEB privilege #2
PRMGBL privilege
PRMMBX privilege #1
PRMMBX privilege #2
Probers, catching #1
Probers, catching #2
Probing, as security problem
Process exclusion list
Processes
    access rights of
    activities permitted by privileges
    adding to exclusion list
    audit server
    auditing of #1
    auditing of #2
    auditing system services controlling
    connecting to
        restrictions
    creating
        with different UICs
    default protection for
    disconnected #1
    disconnected #2
    displaying default protection
    displaying process rights identifiers
    enabling privileges
    interactive mode
    logging out of current
    modifying the rights list
    reconnecting
    security profiles of
    suspending
    UIC identifiers
Project accounts
    as protected subsystems
    setting up
Prompts, passwords and
Propagating protection, example
Protected attribute #1
Protected attribute #2
    deleting ACEs with
Protected object databases
Protected subsystems
    advantages of #1
    advantages of #2
    applications for
    constructing
    description of #1
    description of #2
    design requirements
    enabling
    example
    file protection #1
    file protection #2
    mounting volumes with
    printer protection
    subsystem ACEs
    system management requirements
    user access
Protection
    ACL-based
    capability
    command procedures and
    common event flag clusters
    deleted data #1
    deleted data #2
    deleted data #3
    deleted data #4
    devices
    global sections
    logical name tables
    managing defaults #1
    managing defaults #2
    objects
    queues
    resource domains
    security class
    through protected subsystems
    UIC-based codes
    volumes
Protection checking
    evaluating an object access request
    exception with zero UICs
    influenced by ownership
Protection codes
    access specification
    access types
    assigning during file creation
    bypassing with special rights
    changing
    default file protection #1
    default file protection #2
    definition #1
    definition #2
    denying all access
    effect of privileges
    evaluation sequence
    format
    granting control access
    Identifier ACEs and
    interaction with ACLs
    interpreting
    multiple user categories and
    null access specification #1
    null access specification #2
    priority in access evaluation
    processing
    queue access rights
    reading
    restoring file default
    security element of an object
    sequence of checking categories
    user categories
Protocols
    autodial
Proxies
    access control
Proxy
    access
        setting up a proxy database for
    access control
        removing
Proxy access
    to applications
    to nodes
Proxy accounts #1
Proxy accounts #2
    as captive accounts
    as restricted accounts
    C2 systems and
    default
    example #1
    example #2
    general-access
    maximum number allowed
    multiple-user
    naming
    recommended restrictions
    selecting from multiple
    single-user
Proxy database
    setting up
Proxy logins
    access control
    account
    establishing and managing #1
    establishing and managing #2
    NET$PROXY.DAT
    NETPROXY.DAT
    network applications
    security benefits
PSWAPM privilege
PURGE command, /ERASE qualifier
/PWDLIFETIME qualifier
/PWDMINIMUM qualifier


Previous Next Contents Index

[Site home] [Send comments] [Help with this site] [How to order documentation] [OpenVMS site] [Compaq site]
[OpenVMS documentation]

Copyright © Compaq Computer Corporation 1998. All rights reserved.

Legal
6346PRO_INDEX_005.HTML