Security Management Guide (G06.24+, H06.03+)
Contents
Security Management Guide—522283-008
v
6. Concerns for the Application
Programmer (continued)
6. Concerns for the Application Programmer (continued)
Authentication User IDs 6-1
Application-Specific User IDs 6-4
7. Concerns for the System Administration Team
Managing User Names 7-1
Administrative Groups 7-1
File-Sharing Groups 7-2
Multiple User Names for One Person 7-3
Super-Group User IDs 7-4
Group-Manager User IDs 7-4
Anonymous or Guest User IDs 7-5
Unused User IDs 7-5
Removing a User From the System 7-6
Managing Passwords 7-7
Password Length 7-7
Password Reuse 7-8
Initial Password 7-8
Password Change Periods 7-9
Password Expiration Warning 7-9
Physical Security 7-10
The Computer Room 7-10
The System Console 7-10
The Remote Maintenance Interface (RMI) 7-10
The Computer Cabinet 7-10
The Printers 7-10
The Tape Units 7-11
The Tape Library 7-11
Off-Site Storage 7-11
Dial-Up Access and Security 7-11
Authorization Lists 7-11
Additional External Passwords 7-12
Call-Back Routine 7-12
Automatic Terminal Authentication 7-13
Screening Dial-Up Users 7-13
Periodic Password and Phone Number Changes 7-13
Action If the Line Is Dropped 7-13
Installation Controls 7-13
Restricting Access to System Software 7-14