beautypg.com

Database security, Ito application setup and execution, Security:login and execution – HP UX B6941-90001 User Manual

Page 453

background image

Chapter 10

453

Tuning, Troubleshooting, Security, and Maintenance

ITO Security

Database Security

Security of the database is controlled by the operating system and by the
database itself. Users must have an OS logon for either remote or local
access to the data. Once a user is logged on, security mechanisms of the
database control access to the database and tables.

For all other database security aspects see Using Relational Databases
with HP OpenView Network Node Manager and the vendor’s manuals
supplied with the database.

ITO Application Setup and Execution

Applications run under the account (user and password) specified by the
administrator during application configuration. The action agent uses
the information in this account before executing an application, that is, it
switches to the user specified and then uses the name and password
stored in the application request to start the application.

Application execution can be compromised by the use of password aging.
Password aging is a feature of C2 that expires passwords after:

❏ a specific period of time has passed

❏ a specific date has been reached

❏ a certain number of unsuccessful login attempts have been made

Administrators need to bear in mind that if this feature is enabled, it
could lead to application startup failures where the account that a given
application uses is temporarily inaccessible. In this case, the user or
system administrator has to change the password.

Remote Login and Command Execution

Security issues concerning remote login and command execution are
described here for ITO and for UNIX and MPE/iX platforms:

❏ If he does not apply the default user (setup by the ITO administrator)

for command broadcast or application startup, the ITO operator must
know the corresponding password. Otherwise, the
command/application will fail.

❏ When starting applications configured as Window (Input/Output):

• the password must be specified with the application attributes

-Or-

See also other documents in the category HP Computers: