beautypg.com

About hp nas server security, Hp nas server security in a unix-only environment, About hp nas server security 29 – HP StorageWorks 8000 NAS User Manual

Page 31

background image

NAS 8000 Concepts 29

NA
S 80
00

C

on

cep

ts

About HP NAS Server Security

Two basic ways to ensure the security of the NAS server are:

Control access to the device

Set an administrative password to ensure that only authorized users gain

access to key administrative functions

Access and rights to the data that clients store on the NAS server can involve

security in the Windows® and UNIX® environments. This section discusses

key security elements that you might consider when administering your NAS

server.

HP NAS Server Security in a UNIX-only Environment

UNIX uses a reasonably simple approach to data access security. Each

workstation performs user authentication locally. Each user is associated with

a 16-bit integer (user ID or UID). Additionally, each user can be a part of a

group that is denoted by another 16-bit integer (group ID or GID). A user can

be a member of several groups, each with its own unique GID. All objects

contain associated meta-data that includes the UID and GID as well as read/

write/execute permissions for the object. A typical UNIX file permission might

look like:

-rwxr-xr-x 1 201 5 611 Nov 11 11:09 testfile

-rwxr-xr-x 1 Wilson Engineering 611 Nov 11 11:09

testfile

In the first line, numbers represent the UID and GID; in the second line, the

names associated with the UID and GID are displayed. In either case, Wilson

(UID 201), who is a member of the Engineering group (GID 5), created a file

that has permissions for three different groups. The permissions are

represented by a string of nine characters: three characters for the

permissions of each of the three groups of users. The three groups are the

owner (Wilson), the group (Engineering), and other. In the example above,

the owner has specified rwx (read/write/execute) privileges for himself, r-x

(read/execute) privileges for the group, and r-x (read/execute) privileges

for other.
In your network, you might use a Network Information Service (NIS) server to

help you maintain common configuration files such as the password, group,

and host files. If your environment uses a NIS server, you can enable NIS. The

See also other documents in the category HP Storage: