Auditing, The safeguard subsystem and standard security – HP Integrity NonStop J-Series User Manual

Introduction to the Safeguard Subsystem

Safeguard User’s Guide — 422089-020

Auditing

At your request, the Safeguard subsystem can create audit records of attempts to
access your objects. When a user attempts to access an object for which auditing is
specified, the Safeguard software records the attempt in an audit file. Records in the
audit files contain information such as the name of the object, the date and time of the
access attempt, and the user ID of the user attempting the access.

Security administrators can use the audit files to detect any attempts to access an
object. The Safeguard software can also audit attempts to access or change the
authorization records for subjects or objects. In addition, the Safeguard subsystem can
be configured for systemwide auditing of all objects or specific types of objects, such
as disk files. Auditing is fully described in the Safeguard Audit Service Manual.

The Safeguard Subsystem and Standard Security

The Safeguard subsystem does not completely replace the standard security
mechanisms of the Guardian environment. Working with Guardian, the Safeguard
subsystem enforces the additional security controls established by system managers,
security administrators, and general users.

Table 1-1 compares the standard security features to the extensions offered by the
Safeguard subsystem. This table summarizes commonly used Safeguard security
features, including those reserved for privileged users. The table does not provide a
complete list of all Safeguard security features.

The basic differences between Safeguard security and standard security are:

In the Guardian environment, users control their own security attributes (that is,
logon password and disk-file security).

In the Safeguard database, each user is represented by a user authentication
record, and the owner of the authentication record controls the security attributes
for that user. Typically, privileged users own the user authentication records.

Similarly, each object protected by the Safeguard software is represented by an
object access authorization record, and the owners of that authorization record
control the security attributes for that object. General users usually own the
authorization records for their own files and subvolumes. Privileged users own the
authorization records for other object types such as volumes and devices.

The Guardian environment can control access to only one object type: disk files.
File access is permitted according to the security string associated with the file.
The file owner can specify that access to the file be limited to the owner or to users
in the owner's group, or that access be granted to all users.

In addition to disk files, the Safeguard software controls access to several other
types of objects, such as volumes, subvolumes, and devices. With the Safeguard
software, the owner of the authorization record for any protected object can create
