Caché Security Administration Guide
Contents
 
   

Preface:

Chapter 1:

  • 1.1 Authentication: Establishing Identity
  • 1.1.1 About Kerberos
  • 1.1.2 About Operating-System–Based Authentication
  • 1.1.3 About LDAP Authentication
  • 1.1.4 About Caché Login
  • 1.1.5 About Delegated Authentication
  • 1.2 Authorization: Controlling User Access
  • 1.2.1 Authorization Basics
  • 1.2.2 Resources and What They Protect
  • 1.2.3 For More Information on Authorization
  • 1.3 Auditing: Knowing What Happened
  • 1.4 Managed Key Encryption: Protecting Data on Disk
  • 1.5 Managing Security with the Management Portal
  • 1.6 Notes on Technology, Policy, and Action
  • 1.7 A Note on Certification

Chapter 2:

  • 2.1 Authentication Basics
  • 2.2 About the Different Authentication Mechanisms
  • 2.2.1 Kerberos Authentication
  • 2.2.2 Operating-System–Based Authentication
  • 2.2.3 Caché Authentication
  • 2.2.4 LDAP Authentication
  • 2.2.5 Delegated Authentication
  • 2.2.6 Unauthenticated Access
  • 2.3 About the Different Access Modes
  • 2.3.1 About Local Access
  • 2.3.2 About Client/Server Access
  • 2.3.3 About Web Access
  • 2.4 Configuring for Kerberos Authentication
  • 2.4.1 About Kerberos and the Access Modes
  • 2.4.2 Specifying Connection Security Levels
  • 2.4.3 Setting Up a Client
  • 2.4.4 Obtaining User Credentials
  • 2.4.5 Setting Up a Secure Channel for a Web Connection
  • 2.5 Configuring for Operating-System–Based Authentication
  • 2.5.1 Configuring for OS-Based Authentication with Native Authorization
  • 2.5.2 Configuring for OS-Based Authentication with Delegated Authorization
  • 2.5.3 Configuring for OS-Based Authentication with LDAP Authorization
  • 2.6 Configuring for Authentication with Caché Login
  • 2.6.1 Web
  • 2.6.2 ODBC
  • 2.6.3 Telnet and Caché Direct
  • 2.7 Configuring Two-Factor Authentication
  • 2.7.1 Overview of Setting Up Two-Factor Authentication
  • 2.7.2 Configuring Two-Factor Authentication for the Server
  • 2.7.3 Enabling or Disabling Two-Factor Authentication for a Service
  • 2.7.4 Configuring Web Applications for Two-Factor Authentication
  • 2.7.5 Configuring an End-User for Two-Factor Authentication
  • 2.7.6 Configuring Bindings Clients for Two-Factor Authentication
  • 2.8 Other Topics
  • 2.8.1 System Variables and Authentication
  • 2.8.2 Using Multiple Authentication Mechanisms
  • 2.8.3 Cascading Authentication
  • 2.8.4 Authentication-Authorization Matrix
  • 2.8.5 Establishing Connections with the UnknownUser Account
  • 2.8.6 Programmatic Logins
  • 2.8.7 The JOB Command and Establishing a New User Identity

Chapter 3:

  • 3.1 About Resources
  • 3.2 System Resources
  • 3.2.1 Administrative Resources
  • 3.2.2 The %Development Resource
  • 3.2.3 The %System_Callout Resource
  • 3.2.4 The %Secure_Break Resource
  • 3.3 Database Resources
  • 3.3.1 Database Resource Privileges
  • 3.3.2 Shared Database Resources
  • 3.3.3 Default Database Resource
  • 3.3.4 Unknown or Non-Valid Resource Names
  • 3.3.5 Namespaces
  • 3.3.6 Databases that Ship with Caché
  • 3.4 Application Resources
  • 3.5 Creating or Editing a Resource
  • 3.5.1 Resource Naming Conventions
  • 3.6 Using Custom Resources with the Management Portal
  • 3.6.1 Defining and Applying a Custom Resource to a Page
  • 3.6.2 Removing a Custom Resource from a Page

Chapter 4:

  • 4.1 How Privileges Work
  • 4.2 Public Permissions
  • 4.3 Checking Privileges
  • 4.4 When Changes in Privileges Take Effect

Chapter 5:

  • 5.1 About Roles
  • 5.2 Roles, Users, Members, and Assignments
  • 5.2.1 An Example of Multiple Role Assignment
  • 5.3 Creating Roles
  • 5.3.1 Naming Conventions
  • 5.4 Managing Roles
  • 5.4.1 Viewing Existing Roles
  • 5.4.2 Deleting a Role
  • 5.4.3 Giving New Privileges to a Role
  • 5.4.4 Modifying Privileges for a Role
  • 5.4.5 Removing Privileges from a Role
  • 5.4.6 Assigning Users or Roles to the Current Role
  • 5.4.7 Removing Users or Roles from the Current Role
  • 5.4.8 Assigning the Current Role to Another Role
  • 5.4.9 Removing the Current Role from Another Role
  • 5.4.10 Modifying a Role’s SQL-Related Options
  • 5.5 Predefined Roles
  • 5.5.1 %All
  • 5.5.2 Default Database Resource Roles
  • 5.6 Login Roles and Added Roles
  • 5.6.1 A Note on Added Roles and Access in the Management Portal
  • 5.7 Programmatically Managing Roles

Chapter 6:

  • 6.1 Properties of Users
  • 6.1.1 About User Types
  • 6.2 Creating and Editing Users
  • 6.2.1 Creating a New User
  • 6.2.2 Editing an Existing User
  • 6.3 Viewing and Managing Existing Users
  • 6.3.1 Deleting a User
  • 6.3.2 Viewing a User Profile
  • 6.4 Predefined User Accounts
  • 6.4.1 Default Predefined Account Behavior
  • 6.4.2 Notes on Various Accounts
  • 6.5 Validating User Accounts

Chapter 7:

  • 7.1 Available Services
  • 7.1.1 Notes on Individual Services
  • 7.2 Service Properties
  • 7.3 Services and Authentication
  • 7.4 Services and Their Resources

Chapter 8:

  • 8.1 Applications, Their Properties, and Their Privileges
  • 8.1.1 Applications and Their Properties
  • 8.1.2 Associating Applications with Resources
  • 8.1.3 Applications and Privilege Escalation
  • 8.1.4 Checking for Privileges Programmatically
  • 8.2 Application Types
  • 8.2.1 Web Applications
  • 8.2.2 Privileged Routine Applications
  • 8.2.3 Client Applications
  • 8.3 Creating and Editing Applications
  • 8.3.1 Creating and Editing an Application: The General Tab
  • 8.3.2 Editing an Application: The Application Roles Tab
  • 8.3.3 Editing an Application: The Matching Roles Tab
  • 8.3.4 Editing an Application: The Routines Tab
  • 8.4 System Applications

Chapter 9:

  • 9.1 Basic Auditing Concepts
  • 9.1.1 Enabling or Disabling Auditing
  • 9.2 About Audit Events
  • 9.2.1 Elements of an Audit Event
  • 9.2.2 About System Audit Events
  • 9.2.3 Enabling and Disabling System Events
  • 9.2.4 About User Events
  • 9.3 Managing Auditing and the Audit Database
  • 9.3.1 Viewing the Audit Database
  • 9.3.2 Copying, Exporting, and Purging the Audit Database
  • 9.3.3 Encrypting the Audit Database
  • 9.3.4 General Management Functions
  • 9.4 Other Auditing Issues
  • 9.4.1 Freezing Caché If There Can Be No Audit Log Writes
  • 9.4.2 About Counters

Chapter 10:

  • 10.1 Managing Keys and Key Files
  • 10.1.1 Creating a Key File
  • 10.1.2 Adding a Key to a Key File
  • 10.1.3 Deleting a Key from a Key File
  • 10.1.4 Adding an Administrator to a Key File
  • 10.1.5 Deleting an Administrator from a Key File
  • 10.1.6 Activating a Database Encryption Key
  • 10.1.7 Deactivating a Database Encryption Key
  • 10.1.8 Specifying the Default Database Encryption Key or Journal Encryption Key for an Instance
  • 10.1.9 Activating a Data Element Encryption Key
  • 10.1.10 Deactivating a Data Element Encryption Key
  • 10.1.11 Testing for a Valid Administrator Username-Password Pair
  • 10.1.12 Managing Keys and Key Files with Multiple-Instance Technologies
  • 10.2 Recommended Policies for Managing Keys and Key Files
  • 10.2.1 Protection from Accidental Loss of Access to Encrypted Data
  • 10.2.2 Protection from Unauthorized Access to Encrypted Data
  • 10.3 Using Encrypted Databases
  • 10.3.1 Creating an Encrypted Database
  • 10.3.2 Establishing Access to an Encrypted Database
  • 10.3.3 Closing the Connection to an Encrypted Database
  • 10.3.4 Moving an Encrypted Database Between Instances
  • 10.3.5 Configuring Caché Database Encryption Startup Settings
  • 10.3.6 About Encrypting the Databases that Ship with Caché
  • 10.4 Using Data Element Encryption
  • 10.4.1 Programmatically Managing Keys
  • 10.4.2 Data Element Encryption Calls
  • 10.4.3 Support for Re-Keying Data in Real Time
  • 10.5 Emergency Situations
  • 10.5.1 If the File Containing an Activated Key is Damaged or Missing
  • 10.5.2 If the Database-Encryption Key File Is Required at Startup and Is Not Present
  • 10.6 Other Information
  • 10.6.1 Key File Encryption Information
  • 10.6.2 Encryption and Database-Related Caché Facilities

Chapter 11:

  • 11.1 SQL Privileges and System Privileges
  • 11.2 The SQL Service
  • 11.2.1 CREATE USER
  • 11.2.2 Effect of Changes
  • 11.2.3 Required Privileges for Working with Tables

Chapter 12:

  • 12.1 System Security Settings Page
  • 12.2 System-Wide Security Parameters
  • 12.2.1 Protecting Sensitive Data in Memory Images
  • 12.3 Authentication Options
  • 12.4 The Secure Debug Shell
  • 12.4.1 Enabling Use of the Secure Shell
  • 12.4.2 Restricted Commands and Functions
  • 12.5 Password Strength and Password Policies
  • 12.5.1 Suggested Administrator Password Strength
  • 12.6 Protecting Caché Configuration Information
  • 12.7 Managing Caché Security Domains
  • 12.7.1 Single and Multiple Domains
  • 12.7.2 The Default Security Domain
  • 12.7.3 Listing, Editing, and Creating Domains
  • 12.8 Security Advisor
  • 12.8.1 Auditing
  • 12.8.2 Services
  • 12.8.3 Roles
  • 12.8.4 Users
  • 12.8.5 CSP, Privileged Routine, and Client Applications
  • 12.9 Effect of Changes
  • 12.10 Emergency Access
  • 12.10.1 Invoking Emergency Access Mode
  • 12.10.2 Emergency Access Mode Behavior

Chapter 13:

  • 13.1 About SSL/TLS
  • 13.2 About Configurations
  • 13.2.1 Creating or Editing an SSL/TLS Configuration
  • 13.2.2 Deleting a Configuration
  • 13.2.3 Reserved Configuration Names
  • 13.3 Configuring the Caché Superserver to Use SSL/TLS
  • 13.4 Configuring the Caché Telnet Service to Use SSL/TLS
  • 13.4.1 Configuring the Caché Telnet Server for SSL/TLS
  • 13.4.2 Configuring Telnet Clients for SSL/TLS
  • 13.5 Configuring .NET Clients to Use SSL/TLS with Caché
  • 13.6 Configuring Java Clients to Use SSL/TLS with Caché
  • 13.6.1 Determining the Need for a Keystore and a Truststore
  • 13.6.2 Creating a Client Configuration
  • 13.6.3 Specifying the Use of the Client Configuration
  • 13.7 Configuring Caché to Use SSL/TLS with Mirroring
  • 13.7.1 About Mirroring and SSL/TLS
  • 13.7.2 Creating and Editing an SSL/TLS Configuration for a Mirror
  • 13.8 Configuring Caché to Use SSL/TLS with TCP Devices
  • 13.8.1 Configuring a Client to Use SSL/TLS with a TCP Connection
  • 13.8.2 Configuring a Server to Use SSL/TLS with a TCP Socket
  • 13.9 Configuring the CSP Gateway to Connect to Caché Using SSL/TLS
  • 13.10 Establishing the Required Certificate Chain

Chapter 14:

  • 14.1 About the InterSystems Public Key Infrastructure (PKI)
  • 14.1.1 Help for Management Portal PKI Tasks
  • 14.2 Certificate Authority Server Tasks
  • 14.2.1 Configuring a Caché Instance as a Certificate Authority Server
  • 14.2.2 Managing Pending Certificate Signing Requests
  • 14.3 Certificate Authority Client Tasks
  • 14.3.1 Configuring a Caché Instance as a Certificate Authority Client
  • 14.3.2 Submitting a Certificate Signing Request to a Certificate Authority Server
  • 14.3.3 Getting Certificate(s) from Certificate Authority Server

Chapter 15:

  • 15.1 Overview of Delegated Authentication
  • 15.1.1 How Delegated Authentication Works
  • 15.2 Creating Delegated (User-Defined) Authentication Code
  • 15.2.1 Authentication Code Fundamentals
  • 15.2.2 Signature
  • 15.2.3 Authentication Code
  • 15.2.4 Setting Values for Roles and Other User Characteristics
  • 15.2.5 Return Value and Error Messages
  • 15.3 Setting Up Delegated Authentication
  • 15.4 After Delegated Authentication Succeeds
  • 15.4.1 The State of the System
  • 15.4.2 Changing Passwords

Chapter 16:

  • 16.1 Overview of Using LDAP with Caché
  • 16.1.1 Using LDAP Authorization
  • 16.2 Configuring Caché to Use an LDAP Server
  • 16.2.1 Specifying Configuration Information for LDAP in Caché
  • 16.2.2 Specifying a Certificate File on Windows
  • 16.2.3 Searching the LDAP Database
  • 16.3 Setting Up LDAP-Based Authentication
  • 16.4 After Authentication — The State of the System
  • 16.5 Configuring the LDAP Server to Use Registered LDAP Properties
  • 16.6 Using LDAP Authorization with OS-Based Authentication

Chapter 17:

  • 17.1 Overview of Delegated Authorization
  • 17.2 Creating Delegated (User-defined) Authorization Code
  • 17.2.1 Working from the ZAUTHORIZE.mac Template
  • 17.2.2 ZAUTHORIZE Signature
  • 17.2.3 Authorization Code with ZAUTHORIZE
  • 17.2.4 ZAUTHORIZE Return Value and Error Messages
  • 17.3 Configuring an Instance to Use Delegated Authorization
  • 17.3.1 Delegated Authorization and User Types
  • 17.4 After Authorization — The State of the System

Appendix A:

  • A.1 Enabling Auditing
  • A.2 Changing the Authentication Mechanism for an Application
  • A.2.1 Giving the %Service_CSP:Use Privilege to the CSPSystem User
  • A.2.2 Changing the Password of the CSPSystem User
  • A.2.3 Configuring the CSP Gateway to Provide a Username and Password
  • A.2.4 Configuring %Service_CSP to Require Password Authentication
  • A.2.5 Removing the Public Status of the %Service_CSP:Use Privilege
  • A.2.6 Configuring the Management Portal to Accept Password Authentication Only
  • A.2.7 Specifying the Appropriate Privilege Level for the Instance’s Users
  • A.2.8 Making the Documentation or Samples Available
  • A.2.9 Beginning Enforcement of New Policies
  • A.3 Limiting the Number of Public Resources
  • A.4 Restricting Access to Services
  • A.4.1 Limiting the Number of Enabled Services
  • A.4.2 Limiting the Number of Public Services
  • A.4.3 Restricting Access to Services by IP Address or Machine Name
  • A.5 Restricting Public Privileges
  • A.6 Limiting the Number of Privileged Users
  • A.7 Disabling the _SYSTEM User
  • A.8 Restricting Access for UnknownUser
  • A.8.1 Potential Lockout Issue with the UnknownUser Account When Increasing Security
  • A.9 Configuring Third-Party Software

Appendix B:

  • B.1 Converting an Unencrypted Database to be Encrypted
  • B.2 Converting an Encrypted Database to be Unencrypted
  • B.3 Converting an Encrypted Database to Use a New Key
  • B.4 Using Command-line Options with cvencrypt
  • B.5 Using cvencrypt in Batch Mode on OpenVMS

Appendix C:

Appendix D:

Appendix E:

  • E.1 The Underlying Need
  • E.2 About Public-Key Cryptography
  • E.3 Authentication, Certificates, and Certificate Authorities
  • E.4 How the CA Creates a Certificate
  • E.5 Limitations on Certificates: Expiration and Revocation
  • E.6 Recapping PKI Functionality

Appendix F:

  • F.1 ^SECURITY
  • F.2 ^EncryptionKey
  • F.3 ^DATABASE
  • F.4 ^%AUDIT