ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzamv_5.4.0.1/rzamvconcepts.htm

141 lines
10 KiB
HTML
Raw Normal View History

2024-04-02 14:02:31 +00:00
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow" />
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<meta name="DC.Type" content="concept" />
<meta name="DC.Title" content="Concepts" />
<meta name="abstract" content="To effectively create a security policy and plan security measures for your system, you need to understand the following security concepts, some of which are general concepts and some of which are specific to the hardware type." />
<meta name="description" content="To effectively create a security policy and plan security measures for your system, you need to understand the following security concepts, some of which are general concepts and some of which are specific to the hardware type." />
<meta name="DC.Relation" scheme="URI" content="rzamvplansec.htm" />
<meta name="DC.Relation" scheme="URI" content="rzamvbasicterm.htm" />
<meta name="DC.Relation" scheme="URI" content="rzamvseclvlterm.htm" />
<meta name="DC.Relation" scheme="URI" content="rzamvlockdown.htm" />
<meta name="DC.Relation" scheme="URI" content="rzamvglobalsettings.htm" />
<meta name="DC.Relation" scheme="URI" content="rzamvuserprof.htm" />
<meta name="DC.Relation" scheme="URI" content="rzamvgroupprof.htm" />
<meta name="DC.Relation" scheme="URI" content="rzamvauthlists.htm" />
<meta name="DC.Relation" scheme="URI" content="rzamvvalidlist.htm" />
<meta name="DC.Relation" scheme="URI" content="rzamvmenusec.htm" />
<meta name="DC.Relation" scheme="URI" content="rzamvusersec.htm" />
<meta name="DC.Relation" scheme="URI" content="rzamvresourcesec.htm" />
<meta name="DC.Relation" scheme="URI" content="rzamvsectools.htm" />
<meta name="DC.Relation" scheme="URI" content="rzamvaudits.htm" />
<meta name="DC.Relation" scheme="URI" content="rzamvauthtypes.htm" />
<meta name="DC.Relation" scheme="URI" content="rzamvidsdevpolicy.htm" />
<meta name="copyright" content="(C) Copyright IBM Corporation 2006" />
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 2006" />
<meta name="DC.Format" content="XHTML" />
<meta name="DC.Identifier" content="concepts" />
<meta name="DC.Language" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
<link rel="stylesheet" type="text/css" href="./ic.css" />
<title>Concepts</title>
</head>
<body id="concepts"><a name="concepts"><!-- --></a>
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
<h1 class="topictitle1">Concepts</h1>
<div><p>To effectively create a security policy and plan security measures
for your system, you need to understand the following security concepts, some
of which are general concepts and some of which are specific to the hardware
type.</p>
<p>A small system might have three to five users and a large system might
have several thousand users. Some installations have all their workstations
in a single, relatively secure area. Others have widely distributed users,
including users who connect by dialing in and indirect users connected through
personal computers or system networks. Security on this system is flexible
enough to meet the requirements of this wide range of users and situations.
You need to understand the features and options available so that you can
adapt them to your own security requirements. This topic provides
an overview of the security features on the system. </p>
<p>System security has three important objectives: </p>
<div class="p"><strong>Confidentiality: </strong><ul><li>Protecting against disclosing information to unauthorized people. </li>
<li>Restricting access to confidential information. </li>
<li>Protecting against curious system users and outsiders. </li>
</ul>
</div>
<div class="p"><strong>Integrity: </strong><ul><li>Protecting against unauthorized changes to data.</li>
<li>Restricting manipulation of data to authorized programs. </li>
<li>Providing assurance that data is trustworthy.</li>
</ul>
</div>
<div class="p"><strong>Availability:</strong> <ul><li>Preventing accidental changes or destruction of data. </li>
<li>Protecting against attempts by outsiders to abuse or destroy system resources. </li>
</ul>
</div>
<p>System security is often associated with external threats, such as hackers
or business rivals. However, protection against system accidents by authorized
system users is often the greatest benefit of a well-designed security system.
In a system without good security features, pressing the wrong key might result
in deleting important information. System security can prevent this type of
accident. </p>
<p>The best security system functions cannot produce good results without
good planning. Security that is set up in small pieces, without planning,
can be confusing. It is difficult to maintain and to audit. Planning does
not imply designing the security for every file, program, and device in advance.
It does imply establishing an overall approach to security on the system and
communicating that approach to application designers, programmers, and system
users. </p>
<div class="p">As you plan security on your system and decide how much security you need,
consider these questions: <ul><li>Is there a company policy or standard that requires a certain level of
security? </li>
<li>Do the company auditors require some level of security? </li>
<li>How important is your system and the data on it to your business?</li>
<li>How important is the error protection provided by the security features? </li>
<li>What are your company security requirements for the future? </li>
</ul>
</div>
<p>To facilitate installation, many of the security capabilities on your system
are not activated when your system is shipped. Recommendations are provided
in this topic to bring your system to a reasonable level of security. Consider
the security requirements of your own installation as you evaluate the recommendations. </p>
</div>
<div>
<ul class="ullinks">
<li class="ulchildlink"><strong><a href="rzamvbasicterm.htm">Basic terminology</a></strong><br />
This topic provides users with basic security terminology.</li>
<li class="ulchildlink"><strong><a href="rzamvseclvlterm.htm">Security levels</a></strong><br />
Security on your system is arranged in a series of levels, with each level offering a greater degree of security and protection of your data than the previous level.</li>
<li class="ulchildlink"><strong><a href="rzamvlockdown.htm">Lockable security system values</a></strong><br />
You can lock the security-related system values to prevent users and programs from changing those values.</li>
<li class="ulchildlink"><strong><a href="rzamvglobalsettings.htm">Global settings</a></strong><br />
Global settings affect how work enters the system and how the system appears to other users.</li>
<li class="ulchildlink"><strong><a href="rzamvuserprof.htm">User profiles</a></strong><br />
Every system user must have a user identity before they can sign
on to and use a system. This user identity is called a <dfn class="term">user profile</dfn>.</li>
<li class="ulchildlink"><strong><a href="rzamvgroupprof.htm">Group profiles</a></strong><br />
Group profiles define authority for a group of users.</li>
<li class="ulchildlink"><strong><a href="rzamvauthlists.htm">Authorization lists</a></strong><br />
Like a group profile, an authorization list allows you to group objects with similar security requirements and associate the group with a list of users and user authorities.</li>
<li class="ulchildlink"><strong><a href="rzamvvalidlist.htm">Validation list objects</a></strong><br />
Validation list objects provide a method for applications to securely store user authentication information.</li>
<li class="ulchildlink"><strong><a href="rzamvmenusec.htm">Menu security</a></strong><br />
Menu security controls which menu functions a user can perform.</li>
<li class="ulchildlink"><strong><a href="rzamvusersec.htm">User security</a></strong><br />
From a user's point of view, security affects how they use and complete tasks on the system.</li>
<li class="ulchildlink"><strong><a href="rzamvresourcesec.htm">Resource security</a></strong><br />
You can use resource security on the system to control the actions of authorized users after successful authentication.</li>
<li class="ulchildlink"><strong><a href="rzamvsectools.htm">System security tools</a></strong><br />
You can use security tools to manage and monitor the security environment on your system.</li>
<li class="ulchildlink"><strong><a href="rzamvaudits.htm">Security audits</a></strong><br />
This topic describes the purpose of security audits.</li>
<li class="ulchildlink"><strong><a href="rzamvauthtypes.htm">Types of authority</a></strong><br />
This article discusses the types of authority that can be authorized and used on the server.</li>
<li class="ulchildlink"><strong><a href="rzamvidsdevpolicy.htm">Intrusion detection</a></strong><br />
Intrusion detection involves gathering information about unauthorized access attempts and attacks coming in via the TCP/IP network.</li>
</ul>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzamvplansec.htm" title="This topic collection provides you with detailed information about planning, setting up, and using your system security. This topic collection combines the information formerly in the Basic system security and planning topic collection and in the Tips and Tools for Securing Your iSeries manual.">Plan and set up system security</a></div>
</div>
</div>
</body>
</html>