Safeguard Administrator's Manual (G06.24+, H06.03+)
Table Of Contents
- What’s New in This Manual
- About This Manual
- 1 Introduction
- 2 Controlling User Access
- Introduction
- Using SAFECOM to Establish a Local User Community
- Using SAFECOM to Manage User Access to Your System
- Changing the Owner of a User Authentication Record
- Granting a User Temporary Access to Your System
- Requiring Users to Change Their Passwords
- Granting a Grace Period for Changing an Expired Password
- Forcing Immediate Expiration of a User’s Password
- Freezing a User's Ability to Access the System
- Specifying Auditing for a User ID
- Deleting Users
- Deleting Administrative Groups
- Using SAFECOM to Establish a Network of Users
- Using Safeguard With Nodes With Standard Security
- Identifying Network Users
- Granting a Network User Access to Objects on Your System
- Establishing a Community of Network Users
- Changes to the PAID During a User’s Session
- Additional Considerations for Aliases and Groups
- Additional Considerations for ACCESS with Network Specific Subject IDs
- Establishing Default Protection for a User's Disk Files
- Specifying a Default Command Interpreter for a User
- Establishing Guardian Defaults
- Assigning an Alias to a User
- 3 Managing User Groups
- 4 Securing Volumes and Devices
- 5 OBJECTTYPE Control
- 6 Managing Security Groups
- 7 Securing Terminals
- 8 Warning Mode
- 9 Configuration
- Safeguard Attributes
- Configuring User Authentication
- Configuring Password Control
- Configuring Device Control
- Configuring Process Control
- Configuring Disk-File Control
- Configuring Safeguard Auditing
- Configuring a Default Command Interpreter
- Configuring Communication With $CMON
- Configuring Logon Dialog
- Configuring Exclusive Access at Safeguard Terminals
- Configuring Warning Mode
- Configuring Persistence
- Configuring Attributes for Node Specific Subjects in ACLs
- 10 Installation and Management
- Safeguard Components
- Process Considerations for the SMP and SAFECOM
- Safeguard Subsystem Management Commands
- General Installation Procedure
- Installing the Safeguard Software
- Starting the SMP
- Converting to the Safeguard Subsystem
- Updating the Safeguard Software
- Guidelines for Securing the Safeguard Subsystem
- Monitoring the Safeguard Subsystem
- A SAFECOM Command Syntax
- Index
Introduction
Safeguard Administrator’s Manual—523317-013
1-3
Preliminary Security Planning
Preliminary Security Planning
Advance planning is required before you install the Safeguard software. To plan the
security for your installation, you must understand the applications used on your
system, and you must know which users should be allowed to use system resources.
The Corporate Security Officer and Security Policy
Effective security requires that you have a security officer with executive status and
with authority to establish and enforce security policy. In turn, the security officer must
also be responsible for handling breaches of security.
Before installing the Safeguard software, the security officer establishes a security
policy for the system or network. The protection mechanisms offered by the Safeguard
software can help you implement many different security schemes, such as:
1. Restrictive security, in which a security administrator controls access to system
resources, and most users can access only a few resources
2. Permissive security, in which many users control access to different system
resources, and most resources are available to all users
3. Centralized security for a network, in which the security administrator is a network
user who either owns most of the network resources or serves as the network
group manager for local security administrators
4. Decentralized security for systems in a network, in which local users restrict
access to the resources on their node
The Security Administrator
Each installation must have a designated security administrator to set up and maintain
security control. HP recommends that the individual with the super ID not be assigned
the role of security administrator. Instead, a user familiar with computer operations or a
user from a security-related group such as the auditing department might be a better
choice.
A single part-time security administrator might be adequate for a centralized security
scheme that controls only a few system objects. A more comprehensive centralized
security scheme might require one or several full-time security administrators. For a
decentralized security scheme, in which each node controls the security of at least
some local objects, a local security administrator is probably needed at each node.
Objects That Require Protection
A security administrator should set only needed restrictions for all system objects that
require protection. To do this, consider the applications that run in the system and the
security requirements for each. Access to disk files, devices, subdevices, volumes,
subvolumes, processes, and subprocesses must be provided. You must determine
exactly which users need to have access to each object or type of object.