Owner's manual
Introduction to the Safeguard Subsystem
Safeguard User’s Guide — 422089-020
1 - 5
The Safeguard Subsystem and Standard Security
and modify an access control list (ACL) for that object. The ACL specifies which
individual users and specific user groups can access the object and what access
authorities those users have to the object.
Without the Safeguard subsystem installed, the Guardian environment provides basic
security controls for users and disk files. The Safeguard subsystem extends and
complements this basic set of security controls for users and for protected objects.
To achieve the extra control over user authentication that the Safeguard software
provides, a security administrator can specify values for the user attributes that are
unique to the Safeguard subsystem.
Table 1-1. Comparing Guardian Security and Safeguard Security (page 1 of 2)
Security Feature
Guardian
Security
Safeguard
Se
curity
Users
User authentication Yes Yes
Remote password authentication Yes Yes
Password expiration - Yes
Password expiration grace period - Yes
Password expiration warning - Yes
Password change during logon - Yes
User expiration - Yes
Audit of logon and logoff + Yes
Audit of attempts to manage a Safeguard record N.A. Yes
Audit of a specific user's actions - Yes
Minimum password length - Yes
One-way password encryption - Yes
Prompt for old password before allowing a password
change
- Yes
Password history - Yes
Password required - Yes
Maximum password length - Yes
Password compatibility mode - Yes
Disk Files and Diskfile Patterns
ACL authorities RWEP RWEPCO
ACL Access control list.
* Offered by extensions to the PASSWORD program.
+ Offered by the $CMON interface of TACL.
Codes for access authorities in ACL:
R - Read E - Execute C - Create
W - Write P - Purge O - Owner