friedkiwi/ibm-information-center
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
master
ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzal2_5.4.0.1/rzal2settingsecurity.htm

108 lines
7.7 KiB
HTML
Raw Permalink Blame History

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow" />
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<meta name="DC.Type" content="concept" />
<meta name="DC.Title" content="Security and user authority" />
<meta name="abstract" content="The operating system determines which resources users might access based on information in their user profiles and the security strategy implemented for this system. Learn about security settings and how to manage user authorities efficiently." />
<meta name="description" content="The operating system determines which resources users might access based on information in their user profiles and the security strategy implemented for this system. Learn about security settings and how to manage user authorities efficiently." />
<meta name="DC.Relation" scheme="URI" content="rzal2reference.htm" />
<meta name="DC.Relation" scheme="URI" content="rzal2authorities.htm" />
<meta name="DC.Relation" scheme="URI" content="rzal2sec.htm" />
<meta name="DC.Relation" scheme="URI" content="rzal2userprofiles.htm" />
<meta name="DC.Relation" scheme="URI" content="rzal2authlist.htm" />
<meta name="DC.Relation" scheme="URI" content="../rzakz/rzakz1.htm" />
<meta name="copyright" content="(C) Copyright IBM Corporation 1998, 2006" />
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 1998, 2006" />
<meta name="DC.Format" content="XHTML" />
<meta name="DC.Identifier" content="rzal2settingsecurity" />
<meta name="DC.Language" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
<link rel="stylesheet" type="text/css" href="./ic.css" />
<title>Security and user authority</title>
</head>
<body id="rzal2settingsecurity"><a name="rzal2settingsecurity"><!-- --></a>
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
<h1 class="topictitle1">Security and user authority</h1>
<div><p>The operating system determines which resources users might access
based on information in their user profiles and the security strategy implemented
for this system. Learn about security settings and how to manage user authorities
efficiently.</p>
<p>Security is a critical part of iSeries™ operations. It is built into
the operating system, and impacts nearly every function on the system. The iSeries security
environment determines the commands and functions available to users, and
the objects they can access.</p>
<p>Typically the security strategy restricts the objects a user can access.
For systems with object-level security, there are several ways to provide
authority to access objects. Often, user profiles will explicitly grant types
of access to specific objects. To simplify the task of managing all these
permissions, authorization lists can specify groups of objects, and users
can be given access to these lists. Accessing these lists then provides access
to all of the objects the list specifies.</p>
<p>The level of iSeries server
security, and other more detailed security practices, often affect system
operations. The following concepts are important for understanding user requirements
in various security environments:</p>
<div class="tablenoborder"><table cellpadding="4" cellspacing="0" summary="" frame="void" border="0" rules="none"><tbody><tr><th align="left" valign="top" width="14.285714285714285%" class="firstcol" id="d0e36">Security levels</th>
<td valign="top" width="85.71428571428571%" headers="d0e36 ">The operating system operates in one of several predefined
levels of security. The security level currently in effect determines the
level of detail that user profiles must provide to grant appropriate access
to system resources. This level of detail can range from simple password management
to explicitly providing a level of access to each object that a user can read
or change.</td>
</tr>
<tr><th align="left" valign="top" width="14.285714285714285%" class="firstcol" id="d0e41">Security system values</th>
<td valign="top" width="85.71428571428571%" headers="d0e41 ">Many more detailed aspects of system security are set
by the system values. These system values set the security level, and grant
or restrict options like adopted authority.</td>
</tr>
<tr><th align="left" valign="top" width="14.285714285714285%" class="firstcol" id="d0e46">User profiles</th>
<td valign="top" width="85.71428571428571%" headers="d0e46 ">The user profile contains most of the authorizations and preferences
for individual users or groups. You can use iSeries Navigator to create
and manage users and groups across the server.</td>
</tr>
<tr><th align="left" valign="top" width="14.285714285714285%" class="firstcol" id="d0e54">Authorization lists</th>
<td valign="top" width="85.71428571428571%" headers="d0e54 ">You can create authorization lists that specify groups of objects.
Users and groups can then be authorized to this list, granting them authority
to everything that list contains.</td>
</tr>
</tbody>
</table>
</div>
<p>Also, security settings regarding policies and authorization lists are
available in iSeries Navigator
under <span class="uicontrol">Security</span>.</p>
</div>
<div>
<ul class="ullinks">
<li class="ulchildlink"><strong><a href="rzal2authorities.htm">Authority to access objects</a></strong><br />
Depending on the security level and other security settings, users might be given several levels of access to objects on the server.</li>
<li class="ulchildlink"><strong><a href="rzal2sec.htm">Security levels</a></strong><br />
The operating system operates in one of several predefined levels of security. The security level currently in effect determines the level of detail that user profiles must provide to grant appropriate access to system resources. This level of detail can range from simple password management to explicitly providing a level of access to each object that a user can read or change.</li>
<li class="ulchildlink"><strong><a href="rzal2userprofiles.htm">User profiles</a></strong><br />
The user profile contains most of the authorizations and preferences
for individual users or groups. With iSeries Navigator, you can create and
manage users and groups across the server.</li>
<li class="ulchildlink"><strong><a href="rzal2authlist.htm">Authorization lists</a></strong><br />
The task of granting each user authority to every separate object to which the user needs access can be time-consuming and complex. You can simplify this process by creating authorization lists that specify groups of objects. Users and groups can then be authorized to this list, granting them authority to everything that list contains.</li>
</ul>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzal2reference.htm" title="Learn about the essential components of the iSeries server, including the basics of work management, how to interact with the operating system, and system maintenance.">i5/OS concepts</a></div>
</div>
<div class="relconcepts"><strong>Related concepts</strong><br />
<div><a href="../rzakz/rzakz1.htm">System values</a></div>
</div>
</div>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink