HP (Hewlett-Packard) 8.3-1H1 Garage Door Opener User Manual


 
HP OpenVMS Alpha Version 8.3 and HP OpenVMS Version 8.3-1H1 for Integrity Servers SPD 82.35.14
Users can change their password voluntarily, or the sys-
tem manager can specify how frequently passwords
change, along with minimum password length, and the
use of randomly generated passwords.
Operations
OpenVMS allows for varying levels of privilege to be
assigned to different operators. Operators can use
the OpenVMS Help Message utility to receive online
descriptions of error messages. In addition, system-
generated messages can be routed to different terminals
based on their interest to the console operators, tape li-
brarians, security administrators, and system managers.
Security auditing is provided for the selective recording
of security-related events. This auditing information can
be directed to security operator terminals (alarms) or
to the system security audit log file (audits). Each au-
dit record contains the date and time of the event, the
identity of the associated user process, and additional
information specific to each event.
OpenVMS provides security auditing for the following
events:
Login and logout
Login failures and break-in attempts
Object creation, access, deaccess, and deletion; se-
lectable by use of privilege, type of access, and on
individual objects
Authorization database changes
Network logical link connections for DECnet for
OpenVMS, DECnet-Plus, DECwindows, IPC, and
SYSMAN
Use of identifiers or privileges
Installed image additions, deletions, and replace-
ments
Volume mounts and dismounts
Use of the Network Control Program (NCP) utility
Use or failed use of individual privileges
Use of individual process control system services
System parameter changes
System time changes and recalibrations
Every security-relevant system object is labeled with the
UIC of its owner along with a simple protection mask.
The owner UIC consists of two fields: the user field
and a group field. System objects also have a protec-
tion mask that allows read, write, execute, and delete
access to the object’s owner, group, privileged system
users, and to all other users. The system manager can
protect system objects with access control lists (ACLs)
that allow access to be granted or denied to a list of in-
dividual users, groups, or identifiers. ACLs can also be
used to audit access attempts to critical system objects.
OpenVMS applies full protection to the following system
objects:
Common event flag clusters
Devices
Files
Group global sections
Logical name tables
Batch/print queues
Resource domains
Security classes
System global sections
ODS-2 volumes
ODS-5 volumes
OpenVMS provides optional security solutions to protect
your information and communications:
OpenVMS Version 8.3-1H1 includes encryption for
data confidentiality that ships as part of the op-
erating system, thereby removing the requirement
to license and install Encrypt separately. The EN-
CRYPT and DECRYPT commands, now part of
OpenVMS, support AES file encryption with 128,
192, or 256 bit keys. AES encryption is also sup-
ported by BACKUP/ENCRYPT, allowing for the cre-
ation of encrypted tapes and save-sets. The built-in
encryption functionality is backward-compatible with
file and backup tapes created by the former lay-
ered product Encryption for OpenVMS. This layered
product featured 56-bit Data Encryption Standard
(DES), which continues to function today, allowing
for the decryption of archived DES encrypted data.
The AES encryption functionality supports Electronic
Code Book (ECB) and Cipher Block Chaining (CBC)
block modes of encryption. The Cipher Feedback
(CFB) and Output Feedback (OFB) 8-bit character
stream modes are also supported from the command
line as well as by the programmatic APIs.
Secure Sockets Layer (SSL) for OpenVMS Alpha
and Integrity server systems provides secure transfer
of sensitive information over the Internet
Common Data Security Architecture (CDSA) is con-
figured and initialized automatically during installa-
tion and upgrades and is required for Secure Deliv-
ery purposes and other security features. If you in-
stall a newer version of CDSA without upgrading the
base operating system, you must initalize the CDSA
software, using the following command. Enter the
command from an account that has both SYSPRV
8