OSF DCE Application Development Guide--Core Components

To control the services of remote servers, management applications use the
dced_server_disable_if() and dced_server_enable_if() routines. These routines work
on the srvrexec object. When a service (interface) is disabled, a client that already
knows about the service (through a binding handle to this interface and server) will no
longer work because the interface is unregistered with the RPC runtime. If you want
clients that already know about the server and service to keep working, but want to
prevent any new clients from finding the server and service, you can use
rpc_mgmt_ep_unregister() to remove the server address information for the service
from the endpoint map. This routine does not affect the RPC runtime.

2.7 Validating the Security Server

The security validation service (secval) has the following major functions:

• It maintains a login context for the host’s self-identity which includes periodic
  changes to the host’s key (password).
• It validates and certifies to applications, usually login programs, that the DCE
  security daemon (secd) is legitimate.

Clients (including remote clients, local servers, host logins, and administrators) all need
the security validation service to make sure that the secd process being used by the host
is legitimate. The security validation service establishes the link in a trust chain between
applications and secd so that applications can trust the DCE security mechanism.

An application can trust its host’s security validation service because they are on the
same host, but an application has no way to “convince itself” that secd, presumably on
another host, is genuine. However, if the application trusts another principal (in this case,
the security validation service), which in turn trusts secd, then the trust chain now
extends from the application to secd.

Typically, a login program accesses the security validation service when it uses the DCE
Security Service’s login API, described in Chapter 29. Administrators access the secval
service by using the dcecp secval object. However, suppose you are writing a security
monitoring application to watch for and respond to security attacks. After the application
binds to the secval service, it can call the dced_secval_validate() routine to verify that
the secd process is legitimate.

Applications can also use the dced_secval_start() and dced_secval_stop() routines to
start and stop the security validation service on a given host.

For example, during configuration of a host, the dced program can start with or without
the security validation service. Later when security is configured, a management
application can start secval by using the dced_secval_start() routine. For another
example, suppose our security monitoring application mentioned earlier suspects an
attack. The application can call dced_secval_stop() to stop the security validation
service without stopping the entire dced. This makes the login environment more
service without stopping the entire dced. This makes the login environment more
restrictive.
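
The monitoring scenario described above, sketched in C as an added example that is not part of the original guide: it validates secd through an already bound secval handle and stops secval when validation fails. The names monitor_check_secd, monitor_result and the HAVE_DCE build flag are hypothetical; without that flag the DCE types and the two dced_secval routines are replaced by constructed stand-ins so the control flow runs offline, and treating every non-OK status as a suspected attack is an assumption.

```c
#include <stdio.h>

#ifdef HAVE_DCE                 /* hypothetical build flag: real DCE present */
#include <dce/dced.h>
#else
/* Constructed stand-ins for the DCE types and routines (not DCE code),
 * so the control flow can be compiled and run offline. */
typedef unsigned long error_status_t;
#define error_status_ok 0
struct fake_secval { int secd_ok; int secval_running; };
typedef struct fake_secval *dced_binding_handle_t;

static void dced_secval_validate(dced_binding_handle_t h, error_status_t *st)
{
    *st = h->secd_ok ? error_status_ok : 1;   /* 1 = constructed failure */
}

static void dced_secval_stop(dced_binding_handle_t h, error_status_t *st)
{
    h->secval_running = 0;
    *st = error_status_ok;
}
#endif

typedef enum { SECD_TRUSTED, SECVAL_STOPPED, SECVAL_STOP_FAILED } monitor_result;

/* Validate secd through a handle already bound to the host's secval service.
 * Assumption: any non-OK status counts as a suspected attack. In that case
 * stop secval only (dced keeps running) to make logins more restrictive. */
monitor_result monitor_check_secd(dced_binding_handle_t secval_bh)
{
    error_status_t status;

    dced_secval_validate(secval_bh, &status);
    if (status == error_status_ok)
        return SECD_TRUSTED;

    fprintf(stderr, "secd validation failed, status 0x%lx\n",
            (unsigned long)status);

    dced_secval_stop(secval_bh, &status);
    if (status != error_status_ok) {
        fprintf(stderr, "could not stop secval, status 0x%lx\n",
                (unsigned long)status);
        return SECVAL_STOP_FAILED;   /* caller must escalate by other means */
    }
    return SECVAL_STOPPED;
}
```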
2 24 Tandem Computers Incorporated 124245