beautypg.com

HP Integrity NonStop J-Series User Manual

Page 26

background image

Introduction to the Safeguard Subsystem

Safeguard User’s Guide — 422089-020

1 - 6

The Safeguard Subsystem and Standard Security

Similarly, to achieve the extra control over object-access authorization, objects must
first be given Safeguard protection. For example, until a disk file is added to the
Safeguard database, the Guardian disk-file security mechanism remains in effect. For
your convenience,

Appendix A, Guardian File Security

, describes how to specify

Guardian security for your disk files.

Because the Safeguard subsystem works with the security of the Guardian
environment, you have complete and selective control over the level of file security. For
example, you can place a single disk file under Safeguard control and leave the rest of
your database and program files under Guardian security. At the other extreme, you
can place every database and program file under Safeguard protection.

LICENSE, CLEARONPURGE, PROGID

Yes

Yes

PERSISTENT protection

-

Yes

Audit of attempts to access a file

-

Yes

Audit of attempts to manage a Safeguard record

N.A.

Yes

Disk Volumes And Subvolumes

ACL authorities

-

RWEPCO

Audit of attempts to access a volume or subvolume

-

Yes

Audit of attempts to manage a Safeguard record

N.A.

Yes

Processes And Subprocesses

ACL authorities

-

RWPCO

Audit of attempts to access process name

-

Yes

Audit of attempts to manage s Safeguard record

N.A.

Yes

Control of NAMED or UNNAMED as a group

-

Yes

Devices And Subdevices Other Than Disks

ACL authorities

-

RWO

Audit of attempts to access device

-

Yes

Audit of attempts to manage a Safeguard record

N.A.

Yes

OBJECTTYPE

ACL authorities

N.A.

CO

Audit of attempts to add objects of a certain type

-

Yes

Audit of attempts to manage an OBJECTTYPE record

N.A.

Yes

Table 1-1. Comparing Guardian Security and Safeguard Security (page 2 of 2)

Security Feature

Guardian
Security

Safeguard
Security

ACL Access control list.

*

Offered by extensions to the PASSWORD program.

+

Offered by the $CMON interface of TACL.

Codes for access authorities in ACL:

R - Read

E - Execute

C - Create

W - Write

P - Purge

O - Owner

This manual is related to the following products:
See also other documents in the category HP Computer hardware: