Table of Contents

Access Control

Restricting System Access

Security Policy Management

Status and Privileges

Security Administrator Status

Privileged User Status

Granulated Privileges

Defining Access Rights Using Security Center

Role-Based Access Control

Role-Based Access Control for Security Center and Workload Management

Role-Based Access Control for the Java Environment

Guard Files

Tape Security

Authentication

Authentication Methods

SECURITYSUPPORT Library

Kerberos and GSS-API

Windows Network Authentication Protocols (NTLM/NTLMv2)

Password Aging

Password Generation

Cryptography

Data Encryption

Ciphers and Message Digests

Key Exchange

Digital Signatures

Digital Certificates

Public Key Infrastructure

Key Generation and Support

Tape, CD, and DVD Encryption

Application, File, and Database Encryption

FIPS 140-2 Validation

Network Security

SSL/TLS

FTP Over SSL/TLS

SSL/TLS APIs

Secure File Transfer Protocol (SFTP)

SSH Client

Secure Terminal Sessions

Internet Protocol Security (IPsec)

Filtering

TCP/IP Packet Filtering

Dynamic Port Filtering

Client Access Services

Web Transaction Server

Audit and Assessment

SYSTEM/SUMLOG File

SYSTEM/SECURITYLOG File

Logging of Security-Related Events

Web Transaction Server Log

Locum SafeSurvey Utility

Locum SafeSurvey Utility Reports

Report Highlights

Locum SecureAudit Utility

Locum SecureAudit Utility Reports

Report Highlights

Locum RealTime Monitor Utility

PCI Compliance

Logging of Activities Associated with a Mix Number

Codefile Verification

Generating a Codefile Checksum

Verifying a Codefile Checksum

Maintaining Codefile Verification Data

Reporting Codefile Verification Data

Reporting Codefile Verification Failures