Security Management Guide (G06.24+, H06.03+)
Security Management Guide—522283-008
2-1
2 Guardian System Security
The security of an application for a NonStop system depends on both the protection
designed into it and the protection offered by the Guardian environment. This section
provides an overview of Guardian security features as well as guidance on how to use
these features to help secure your system.
For more information, about security features and other Guardian utilities, see the
Guardian User’s Guide.
Although this section deals only with the standard Guardian security features, you
should consider installing the Safeguard software to gain the extra security capabilities
that it provides. If you intend to use Safeguard capabilities to secure your system, you
should also read Section 3, Safeguard System Security.
Overview of Guardian Security Features
Guardian security features provide these types of protection:
Table 2-1 describes the interfaces to Guardian security mechanisms. Most of these
commands and programs are described in the TACL Reference Manual. The FUP
commands are described in the File Utility Program (FUP) Reference Manual.
User security The system prevents access from unauthorized users. A group
manager or the super ID assigns a unique user name and user
ID to each user. For systems that require passwords, a user
must enter the user name (or user ID) and the password to log
on to the system.
Disk-file security Each Guardian disk file has an owner. A file owner can secure
a file with the File Utility Program (FUP) to prevent unauthorized
users from accessing it.
Process security The system can prevent one process from interfering with
another process. However, process security features do not
interfere with applications running on systems where security is
not required.
Network security Users can be granted access to remote nodes through the use
of remote passwords and global user IDs.