Table of Contents

Maintaining System Security

Reinitializing the System

Making the SYSTEM/INFOGUARDSUPPORT Library Available

Tape Volume Security

Support and Maintenance

General Security Considerations

Adding Potentially Hazardous Files

Reinitializing the System

Support and Maintenance

Introduction to Security Center

Overview of Security Center

Locum SafeSurvey Client

Locum SecureAudit Client

Locum RealTime Config

Role-Based Access Control

Operation of Security Center

Security Center Guard File

Troubleshooting Connection and Access Problems

System Configuration

Client Access Services Pipe Definition

Client Displays “No process on the other end of the pipe”

Security Center Error Codes and Meanings

WINS and DNS Problems

Networking Problems (Ports Blocked)

Unable to Open Cryptography or User Realms Database

Installing Security Center

Preparing for Installation

Database Installation Process

System Library Requirements

Secure Erasure of Database Files

Troubleshooting

Migrating and Upgrading Security Center

Migrating the Security Center Database

Upgrading the Security Center Database

Key Manager Library

Operator Commands for the Key Manager Library

Troubleshooting the Key Manager Library

Support for Role-Based Access Control in the Application Environment

Java Realms

Realm Descriptor Attributes

Application Role-Based Access Control

Defining a User with Standard Usercode Attributes

Making a New Usercode

Standard Usercode Attributes

System-Maintained Usercode Attributes

Modifying Nonprivileged Usercode Attributes

Identifying Users from Remote Hosts

Using Local-Alias Usercodes

Automatic Log-On Service

Managing Usercodes for Remote Users

REMOTEUSER Statement

Functional Considerations

Identifying Kerberos Users

Protecting the USERDATAFILE

Protection from Unwarranted Change and Removal

Backing Up the USERDATAFILE

Security Configuration Best Practices