Document revision date: 19 July 1999

A
Access
auditing of processes
BYPASS privilege
class-specific overrides
denying
how the system determines
object-oriented
performance impact of auditing
privileges bypassing ACLs
privileges bypassing protection codes
subject-oriented
through ACLs
through GRPPRV privilege #1
through GRPPRV privilege #2
through protection codes
through READALL privilege
through SYSPRV privilege #1
through SYSPRV privilege #2
to deleted file data
Access categories
Access control
ACE order, importance of
assigning file defaults
bypassing ACLs
bypassing protection codes
comparing security profiles
controlling in network environment
default
default application account
default for inbound connection
denying a class of users
denying access through an ACL
evaluating a user's access request #1
evaluating a user's access request #2
explicit
for a network
for applications
for connections
for protected objects
Identifier ACEs and
in a network environment
limited-access accounts
limiting access to an environment #1
limiting access to an environment #2
limiting device access
limiting logins
matrix
object security profiles
object-specific considerations
protection code processing rules
protection code user categories
proxy #1
proxy #2
routing initialization passwords
through ACLs #1
through ACLs #2
using Identifier ACEs #1
using Identifier ACEs #2
using the NCP
Access control strings #1
Access control strings #2
command procedures and
exposing password in
protecting information in
secondary passwords with
/ACCESS qualifier in Authorize utility
Access requirements
allocating devices
capability object
common event flag clusters
directories
file-oriented devices
files
global sections
I/O channel
logical name tables
non-file-oriented devices
queues
resource domains
security class objects
shareable devices
spooled devices
unshareable devices
volumes
Access types
abbreviations of
ACLs
associate
capability class
class-dependency of
common event flag clusters
control #1
control #2
files
objects in general
create
logical name tables
volumes
delete
common event flag clusters
files
logical name tables
queues
volumes
directories
execute
files
global sections
files
global sections
lock
logical I/O
logical name tables
manage
physical I/O
protection codes and #1
protection codes and #2
queues
read
devices
files
global sections
logical name tables
queues
resource domains
security class
volumes
resource domains
security audit and
security class
shared devices
submit
unshared devices
volumes
write
devices
files #1
files #2
global section
logical name tables
resource domains
security class
volumes
Accounting logs as security tool
Accounts
accessing after password expires
application
auditing access
captive
DECNET account, removing
designing secure accounts #1
designing secure accounts #2
disabling with DISUSER flag
disguising identity
expiration #1
expiration #2
first login
group
guest
initial password
interactive
limited-access
network objects #1
network objects #2
open
password expiration and
password requirements for
passwords for multiple
privileged
project #1
project #2
proxies for groups
proxy
renewing expired
restricted #1
restricted #2
secondary password
setting duration of
setting up to use project identifiers
types of #1
types of #2
user passwords for
ACE attributes
Default
Hidden
None #1
None #2
Nopropagate #1
Nopropagate #2
Protected #1
Protected #2
Protected #3
ACEs (access control entries)
adding
Alarm ACEs #1
Alarm ACEs #2
Audit ACEs #1
Audit ACEs #2
creating
Creator ACEs #1
Creator ACEs #2
Creator ACEs #3
Default Protection ACEs #1
Default Protection ACEs #2
Default Protection ACEs #3
Default Protection ACEs #4
examples
deleting
generating audit event messages
inserting in a list
order of #1
order of #2
order of #3
replacing
security auditing
sensitive files and
Subsystem ACEs
subsystem ACEs #1
subsystem ACEs #2
subsystem ACEs #3
types of
ACL editor
displaying ACLs
modifying ACLs
ACLs (access control lists) #1
ACLs (access control lists) #2
ACE order #1
ACE order #2
ACE order #3
alarms generated by
assigning by default to new files
auditing in C2 systems
bypassing with special rights
copying
creating
deleting
deleting obsolete identifiers
designing
disadvantages of
displaying #1
displaying #2
effect of privileges
effect on performance
granting access
interaction with protection codes
management overview
modifying
network file sharing
priority in access evaluation
protection codes and
queue access rights
reordering entries
replacing ACEs
restoring default ACL
restoring file default
security element of an object
setting file protection #1
setting file protection #2
system program files
ACNT privilege
ADD/IDENTIFIER command in Authorize utility
ADD/PROXY command in Authorize utility #1
ADD/PROXY command in Authorize utility #2
Alarm ACEs
how to use
position in ACL
Alarm messages
ACL event
authorization database modification
break-in event
INSTALL event
login
login failure
logout
network connection
object access event
object creation
object deaccess
object deletion
privilege use
process control event
SET AUDIT use
system parameter modification
time modification
volume mount/dismount
Alarms
enabling for security
ALLSPOOL privilege
Alphanumeric UICs
ALTPRI privilege
ANALYZE/AUDIT command
qualifier summary
Announcement messages #1
Announcement messages #2
security disadvantages
APPEND command, /PROTECTION qualifier
Applications, setting access control
Archive files
analyzing security-relevant events
enabling remote
for security event messages
Archive flush
ASCII output from Audit Analysis utility
Associate access
Asynchronous connection, dynamic
Asynchronous DDCMP driver
Attacks, types of system
Audit ACEs
how to use
Audit Analysis utility (ANALYZE/AUDIT)
analyzing archive files
ASCII output from
binary output from
determining criteria of the analysis
example
generating daily reports
interactive commands
invoking
overview
prerequisites
report formats #1
report formats #2
types of output
when to ignore events
AUDIT privilege
Audit server databases
Audit server processes
changing disk transfer rate
controlling message flow
delaying delivery of event messages
disabling
enabling
error handling #1
error handling #2
final server action
managing
memory limitations and
pre-extending log files
tasks performed by
Audit trails
in security models
Auditing
applications
as security feature
of security events
$AUDIT_EVENT system service, reporting security-relevant events
Authentication
external
Authentication cards
C2 system requirements
Authority-based systems
Authorization databases
access matrix #1
access matrix #2
adding users
auditing
auditing modifications to
contents
synchronizing authorization on clustered systems
Authorize utility (AUTHORIZE)
ADD/FLAG command
ADD/IDENTIFIER command #1
ADD/IDENTIFIER command #2
ADD/PROXY command #1
ADD/PROXY command #2
CREATE/PROXY command
CREATE/RIGHTS command
EXTAUTH flag
/GENERATE_PASSWORD qualifier
GRANT/IDENTIFIER command #1
GRANT/IDENTIFIER command #2
MODIFY/FLAG command
MODIFY/SYSTEM_PASSWORD command
REMOVE/IDENTIFIER command
SHOW/IDENTIFIER command #1
SHOW/IDENTIFIER command #2
SHOW/RIGHTS command
Autodial protocol
Automatic login facility (ALF)
Autologin account as security problem
AUTOLOGIN flag
C2 systems and
cluster requirements for ALF files
Automatic password generation #1
Automatic password generation #2
disadvantages
example
minimum length

	privacy and legal statement
6346PRO_INDEX.HTML