Jump to content United States-English
HP.com Home Products and Services Support and Drivers Solutions How to Buy
» Contact HP
More options
HP.com home

Administering Your HP-UX Trusted System
» 

Technical documentation

Complete book in PDF
» Feedback
Content starts here

 » Table of Contents

 » Index

spacerspacerspacer
spacer
spacer
   
 

HP Part Number: B2355-90121

First Edition

August 1996

Table of Contents

Preface
1 Description of the HP-UX Trusted System
Background Required
What is a Trusted System?
What is C2-Level Trusted Mode?
Parts of the TCB
Excluded from the TCB
TCB Interface
Trusted System Administration
System Administration Manager
Trusted Computer System Evaluation Criteria
Discretionary Access Control
Object Reuse
Identification and Authentication
Audit
System Architecture
System Integrity
Planning System Security
System Security Policy
Developing a Security Policy
Approaching System Security
Securing System Users
HP-UX C-Level Security Trusted Facility Documentation
Security Features User's Guide
Printing the SFUG Supplement
Trusted Facility Manual
E3/FC2 ITSEC Security Certification
2 Installation and Configuration of an HP-UX Trusted System
Information about Installing or Upgrading HP-UX
Conversion Prerequisites
Setting Secure Mode on Workstations
Preventing Access to ISL and the System Console on Servers
Obtaining Security Patches
Obtaining Non-Security Patches
Verifying and Replicating Your System Configuration
Setting Up Your C2-Level Trusted System
Completing the Setup
Verifying Setup
Auditing Trusted Systems
Administering Auditing
Setting Up Auditing
Turning On Auditing
Selecting Events to Audit
Default Auditing Parameters
Selecting Data to Audit
Auditing Log Files
Audit Record Formats
Reducing and Analyzing the Audit File
Maintaining the Auditing Subsystem
Planning Sufficient Disk Space for Auditing Data
Maintaining Audit Across Boot
Recovering From a System Crash
Setting Up Password Controls
Before Adding Users...
Setting Up Password and Account Securities Policies
Maintaining the Password Files
Entries in the Protected Password Database
Selecting and Generating Passwords
Password Aging
Time-Based Access Control
Device-Based Access Control
Manipulating the Trusted System Databases
Account and Terminal Lock Flags
Changing the Owner of a File
3 Practices that Enforce the Trustworthiness of the System
Background on Security Practices
Safe Administrative Practices
Common Security Practices
User Passwords
Account Security
Managing File and Directory Access
Guidelines for Administering Auditing
Recovering From Full Audit Files
Privileged Groups
Root Use Guidelines
4 Practices that Compromise the Trustworthiness of the System
Lack of Password Security
Incomplete User Education
Unsafe Password Practices
Lack of Routine System Checks
Auditing Not Used Effectively
Unlimited File and Directory Access
Unsafe Storage of System Backups
Lack of Physical Security
Improper Access to System Hardware
Improper Access to System Documentation
Environmental Risks
A Audit Record Format
Audit Records
System Call Audit Record Format
Self-Auditing Audit Record Format
Self-Auditing Commands
B Commands and System Calls
C SFUG Supplement
Index

List of Tables

1-1 TCSEC C2-Level System Features
1-2 Trusted Facility Manual Information Mapping
2-1 Audit Event Types and System Calls
2-2 Library Routines for Manipulating Trusted System Databases
B-1 Commands and System Calls
   


Preface  
Printable version
Privacy statement Using this site means you accept its terms Feedback to webmaster
© Hewlett-Packard Development Company, L.P.