Collapse TOC
HP OpenVMS Guide to System Security
bulleted text Legal Notice
Preface
bulleted text Intended Audience
bulleted text Document Structure
bulleted text Related Documents
bulleted text Reader's Comments
bulleted text How to Order Additional Documentation
bulleted text Conventions
Security Overview
Understanding System Security
bulleted text Types of Computer Security Problems
bulleted text Levels of Security Requirements
bulleted text Building a Secure System Environment
bulleted text Common Data Security Architecture (CDSA)
bulleted text Secure Sockets Layer (SSL)
bulleted text Kerberos
OpenVMS Security Model
bulleted text Structure of a Secure Operating System
bulleted text Implementation of the Reference Monitor
bulleted text Summary: System Security Design
Security for the User
Using the System Responsibly
bulleted text Choosing a Password for Your Account
bulleted text Knowing What Type of Password to Use
bulleted text Password Requirements for Different Types of Accounts
bulleted text Types of Logins and Login Classes
bulleted text Login Failures: When You Are Unable to Log In
bulleted text Changing Your Password
bulleted text Password and Account Expiration Times
bulleted text Guidelines for Protecting Your Password
bulleted text Network Security Considerations
bulleted text Auditing Access to Your Account and Files
bulleted text Logging Out Without Compromising System Security
bulleted text Checklist for Contributing to System Security
Protecting Data
bulleted text Contents of a User's Security Profile
bulleted text Security Profile of Objects
bulleted text How the System Determines If a User Can Access a Protected Object
bulleted text Controlling Access with ACLs
bulleted text Controlling Access with Protection Codes
bulleted text Understanding Privileges and Control Access
bulleted text Auditing Protected Objects
Descriptions of Object Classes
bulleted text Capabilities
bulleted text Common Event Flag Clusters
bulleted text Devices
bulleted text Files
bulleted text Global Sections
bulleted text Logical Name Tables
bulleted text Queues
bulleted text Resource Domains
bulleted text Security Classes
bulleted text Volumes
Security for the System Administrator
Managing the System and Its Data
bulleted text Role of a Security Administrator
bulleted text Site Security Policies
bulleted text Tools for Setting Up a Secure System
bulleted text Account Requirements for a Security Administrator
bulleted text Training the New User
bulleted text Logging a User's Session
bulleted text Ongoing Tasks to Maintain a Secure System
Managing System Access
bulleted text Defining Times and Conditions for System Access
bulleted text Assigning Appropriate Accounts to Users
bulleted text Using Passwords to Control System Access
bulleted text Enabling External Authentication
bulleted text Controlling the Login Process
Controlling Access to System Data and Resources
bulleted text Designing User Groups
bulleted text Naming Individual Users in ACLs
bulleted text Defining Sharing of Rights
bulleted text Conditionalizing Identifiers for Different Users
bulleted text Designing ACLs
bulleted text Populating the Rights Database
bulleted text Giving Users Privileges
bulleted text Setting Default Protection and Ownership
bulleted text Added Protection for System Data and Resources
Security Auditing
bulleted text Overview of the Auditing Process
bulleted text Reporting Security-Relevant Events
bulleted text Developing an Auditing Plan
bulleted text Methods of Capturing Event Messages
bulleted text Analyzing a Log File
bulleted text Managing the Auditing Subsystem
System Security Breaches
bulleted text Forms of System Attacks
bulleted text Indications of Trouble
bulleted text Routine System Surveillance
bulleted text Handling a Security Breach
Securing a Cluster
bulleted text Overview of Clusters
bulleted text Building a Common Environment
bulleted text Synchronizing Authorization Data
bulleted text Managing the Audit Log File
bulleted text Protecting Objects
bulleted text Storing Profiles and Auditing Information
bulleted text Clusterwide Intrusion Detection
bulleted text Using the System Management Utility
bulleted text Managing Cluster Membership
bulleted text Using DECnet Between Cluster Nodes
Security in a Network Environment
bulleted text Managing Network Security
bulleted text Hierarchy of Access Controls
bulleted text Proxy Access Control
bulleted text Using DECnet Application (Object) Accounts
bulleted text Specifying Routing Initialization Passwords
bulleted text Sharing Files in a Network
Using Protected Subsystems
bulleted text Advantages of Protected Subsystems
bulleted text Applications for Protected Subsystems
bulleted text How Protected Subsystems Work
bulleted text Design Considerations
bulleted text System Management Requirements
bulleted text Building the Subsystem
bulleted text Enabling Protected Subsystems on a Trusted Volume
bulleted text Giving Users Access
bulleted text Example of a Protected Subsystem
Assigning Privileges
bulleted text ACNT Privilege (Devour)
bulleted text ALLSPOOL Privilege (Devour)
bulleted text ALTPRI Privilege (System)
bulleted text AUDIT Privilege (System)
bulleted text BUGCHK Privilege (Devour)
bulleted text BYPASS Privilege (All)
bulleted text CMEXEC Privilege (All)
bulleted text CMKRNL Privilege (All)
bulleted text DIAGNOSE Privilege (Objects)
bulleted text DOWNGRADE Privilege (All)
bulleted text EXQUOTA Privilege (Devour)
bulleted text GROUP Privilege (Group)
bulleted text GRPNAM Privilege (Devour)
bulleted text GRPPRV Privilege (Group)
bulleted text IMPERSONATE Privilege (All) (Formerly DETACH)
bulleted text IMPORT Privilege (Objects)
bulleted text LOG_IO Privilege (All)
bulleted text MOUNT Privilege (Normal)
bulleted text NETMBX Privilege (Normal)
bulleted text OPER Privilege (System)
bulleted text PFNMAP Privilege (All)
bulleted text PHY_IO Privilege (All)
bulleted text PRMCEB Privilege (Devour)
bulleted text PRMGBL Privilege (Devour)
bulleted text PRMMBX Privilege (Devour)
bulleted text PSWAPM Privilege (System)
bulleted text READALL Privilege (Objects)
bulleted text SECURITY Privilege (System)
bulleted text SETPRV Privilege (All)
bulleted text SHARE Privilege (All)
bulleted text SHMEM Privilege (Devour)
bulleted text SYSGBL Privilege (Files)
bulleted text SYSLCK Privilege (System)
bulleted text SYSNAM Privilege (All)
bulleted text SYSPRV Privilege (All)
bulleted text TMPMBX Privilege (Normal)
bulleted text UPGRADE Privilege (All)
bulleted text VOLPRO Privilege (Objects)
bulleted text WORLD Privilege (System)
Protection for OpenVMS System Files
bulleted text Standard Ownership and Protection
bulleted text Listing of OpenVMS System Files
Running an OpenVMS System in a C2 Environment
bulleted text Introduction to C2 Systems
bulleted text Trusted Computing Base (TCB) for C2 Systems
bulleted text Checklist for Generating a C2 System
bulleted text Alarm Messages
bulleted text Glossary
bulleted text Index