Security and availability, Overview, Data file access security – HP Integrity NonStop J-Series User Manual
Page 192: Security and, Availability
System Management
HP NonStop AutoTMF Software User’s Guide—429952-016
A-18
Security and Availability
3. Whenever the CI opens a new monitor, the version checks are made for both the
monitor process and the associated MapDB.
4. When a
command is run, the monitor terminates if the CI
version does not match the monitor’s version. The monitor also checks the version
of MapDB.
5. When a prepared application process is running, each request from the AutoTMF
runtime to the monitor contains a version number. If the version does not match the
monitor’s version, the request is rejected, and the application terminates.
Security and Availability
This section describes various security and availability considerations when installing
and using AutoTMF. This material should be studied carefully before enabling a
production application to use AutoTMF.
Overview
Security considerations are essentially two-fold:
When used in production, AutoTMF becomes an essential part of the application
environment; damage or misuse of the product may result in an application outage
and business disruption. You should take steps to secure the product to ensure its
continuous availability.
Since production database accesses are intercepted by AutoTMF, there is an
opportunity for misuse that could compromise security of your database. You can
prevent security breaches with a few simple installation and configuration steps.
In general, a few minor security considerations are introduced, but the product does
not represent a major avenue for breaches of system or data security. AutoTMF is not
privileged and does not require use of the SUPER.SUPER account at any time. It
depends on conventional file system security to protect its own configuration data. With
the exception of the tracing facility, described below, it depends on conventional file
system security to protect your database and other files.
Data File Access Security
All application data access is performed using standard, non-privileged, operations
from the application process. The form of access may be altered (such as to perform
additional Enscribe operations), but these operations are subject to the same security
control as provided for all application access to data.
Note. Requirements for security vs. ease-of-access vary from customer to customer. The
following security guidelines may or may not apply to your security requirements, You are
ultimately responsible for ensuring the appropriate level of security.