|
|
Sold Out
Book Categories |
| Part I | AS/400 Security Basics | |
| Chapter 1 | Security Is a Business Function | 1 |
| Evaluating Your Risks | 1 | |
| Evaluating the Threats | 4 | |
| Managing the Strategic Issues | 4 | |
| Getting Started | 8 | |
| Chapter 2 | Security at the System Level | 11 |
| The System Security Level | 11 | |
| Security Level 10 | 12 | |
| Security Level 20 | 13 | |
| Security Level 30 | 14 | |
| Security Level 40 | 15 | |
| Security Level 50 | 19 | |
| Security-Related System Values | 21 | |
| A Helpful Tool | 42 | |
| Operations Navigator | 42 | |
| Chapter 3 | The Facts About User Profiles | 45 |
| Why User Profiles? | 45 | |
| What Is a User Profile? | 45 | |
| User Profile Attributes | 46 | |
| Helpful Tools | 59 | |
| Operations Navigator | 61 | |
| Chapter 4 | Object Authorization | 63 |
| Specific Authorities | 63 | |
| Authority Classes | 66 | |
| Granting and Revoking Specific Authorities | 68 | |
| Group Profiles | 69 | |
| Public Authority | 71 | |
| Authorization Lists | 75 | |
| How OS/400 Checks Authority | 77 | |
| Authority Cache | 80 | |
| Adopted Authority | 80 | |
| Authorities and Save/Restore Functions | 83 | |
| Object Ownership | 84 | |
| Limit User Function | 86 | |
| Helpful Tools | 88 | |
| Operations Navigator | 88 | |
| Chapter 5 | Database Security | 89 |
| Database File Authorities | 89 | |
| Data Authorities and Logical Files | 108 | |
| Field-Level Security | 108 | |
| Row-Level Security | 128 | |
| What About SQL Tables and Views? | 128 | |
| Chapter 6 | Output Queue and Spooled-File Security | 129 |
| The Security-Related Output Queue Attributes | 129 | |
| Output Queue Ownership | 132 | |
| Sample Output Queue Security Implementation | 133 | |
| An Output Queue Security Management Utility | 134 | |
| Helpful Tools | 163 | |
| Operations Navigator | 163 | |
| Chapter 7 | Network Security | 165 |
| Physical Security | 165 | |
| Network Configuration | 166 | |
| Network Security Attributes | 166 | |
| DDM Security | 168 | |
| Security Considerations for PCs | 177 | |
| Using Exit Points | 182 | |
| Installing USRFTPLOGC | 187 | |
| Helpful Tools | 187 | |
| Chapter 8 | Communications Security | 189 |
| TCP/IP Security Considerations | 189 | |
| Data Encryption | 204 | |
| APPN/APPC Communications Configuration Security | 209 | |
| Helpful Tools | 213 | |
| Operations Navigator | 213 | |
| Chapter 9 | Internet Security | 215 |
| Corporate Security Policy | 216 | |
| Internet Service Provider | 217 | |
| Firewalls | 217 | |
| AS/400 System Values | 219 | |
| User Profiles | 222 | |
| Use Resource Security | 223 | |
| Control What Goes On | 223 | |
| Write Secure Web Applications | 224 | |
| Use Exit Points | 226 | |
| Monitor | 227 | |
| Test | 228 | |
| Update Your Business Contingency Plan | 229 | |
| The Good News | 229 | |
| Part II | The Invisible Threat | |
| Chapter 10 | Thwarting Hackers | 231 |
| Hacker Terminology | 231 | |
| Access--A Hacker's First Hurdle | 232 | |
| Bypassing or Gaining Authority | 238 | |
| Preventing Trojan Horses | 243 | |
| Preventing Viruses | 245 | |
| Preventing Worms | 246 | |
| Internet Attacks | 247 | |
| Final Words of Advice | 247 | |
| Part III | How to Build an AS/400 Security Strategy | |
| Chapter 11 | Evaluating Your Current Strategy | 249 |
| Common Authorization Models | 249 | |
| Evaluating the Key Areas | 257 | |
| Determining Your Level of Threat | 262 | |
| Chapter 12 | Establishing and Controlling System Access | 267 |
| Verify Security Level | 267 | |
| Plan for User Profiles | 267 | |
| Plan the Physical Connections | 269 | |
| Chapter 13 | Building Object and Role Authorization | 281 |
| Fundamental Tenets | 281 | |
| Evaluating Object Security Requirements | 283 | |
| Identifying Application Security Requirements | 283 | |
| Identifying Data File Security Requirements | 286 | |
| Identifying Program Security Requirements | 288 | |
| Identifying Authorization Roles | 291 | |
| Defining Enterprise Roles | 291 | |
| Defining Authorizations | 292 | |
| Implementation Example | 294 | |
| Documenting Role Authorizations | 295 | |
| Chapter 14 | Security for IT Professionals | 301 |
| Security and Your IT Staff | 301 | |
| Identify the Business Functions | 301 | |
| Define a Secure Environment for Each Business Function | 302 | |
| Security for Vendors and Consultants | 309 | |
| Chapter 15 | Security Implementation Example | 313 |
| Application Security Requirements | 314 | |
| Organizational Chart | 315 | |
| User Profile and Password Rules | 316 | |
| Role-Authorization Samples | 317 | |
| Network Security Considerations | 332 | |
| Exit Programs | 333 | |
| Application Administration | 334 | |
| System Values | 334 | |
| User Profile Listing | 336 | |
| Special Authorities Listing | 337 | |
| Library/Object Authorities Listing | 337 | |
| Part IV | Auditing Your Security Strategy | |
| Chapter 16 | Is Your Strategy Working? | 341 |
| What Can Change? | 341 | |
| Auditing Overview | 344 | |
| Chapter 17 | Status Auditing | 345 |
| Physical Security Auditing | 347 | |
| System-Level Security Auditing | 347 | |
| User Profile Monitoring | 348 | |
| Critical Objects and Object Authorities Monitoring | 359 | |
| Miscellaneous Audit Activities | 362 | |
| Chapter 18 | Event Auditing | 375 |
| Monitoring the History Log | 375 | |
| The Security Audit Journal | 377 | |
| The Audit Journal | 378 | |
| Auditing Controls | 380 | |
| System-wide Auditing | 381 | |
| User Auditing | 382 | |
| Object Auditing | 383 | |
| Event-Auditing Recommendations | 386 | |
| Working with the Audit Journal | 387 | |
| Displaying and Printing the Audit Journal Entries | 390 | |
| Helpful Tools | 398 | |
| Operations Navigator | 398 | |
| Chapter 19 | Building a Business Contingency Plan--A Workbook | 401 |
| Have a Purpose | 401 | |
| Find the Leaders | 401 | |
| Recognize Reality | 402 | |
| Risk Analysis | 403 | |
| Disaster Avoidance | 410 | |
| Emergency Procedures | 414 | |
| A Complete Recovery Program | 416 | |
| Testing and Auditing | 419 | |
| Appendices and References | ||
| Appendix A | Security APIs | 423 |
| User and Group ID APIs | 427 | |
| Digital Certificate APIs | 429 | |
| Profile Token APIs | 430 | |
| User Function Registration APIs | 431 | |
| Validation-List APIs | 432 | |
| Appendix B | Security Journal Entry Types (Detail) | 435 |
| Action Auditing | 435 | |
| Object Auditing | 439 | |
| References | 441 | |
| IBM Manuals | 441 | |
| IBM Redbooks | 441 | |
| IBM Web Sites | 441 | |
| Articles from NEWS/400 Magazine and AS400 Network | 442 | |
| Other Publications | 442 | |
| Index | 443 |
| Price | Condition | Delivery | Seller | Action |
| $99.99 | Digital |
| WonderClub |
Login|Complaints|Blog|Games|Digital Media|Souls|Obituary|Contact Us|FAQ
CAN'T FIND WHAT YOU'RE LOOKING FOR? CLICK HERE!!! X
You must be logged in to add to WishlistX
This item is in your Wish List
X
This item is in your Collection
Implementing As/400 Security
X
This Item is in Your Inventory
Implementing As/400 Security
X
You must be logged in to review the productsX
X
X
Add Implementing As/400 Security, In today's networked world, security is crucial. As e-business sweeps the enterprise, effectively protecting data can mean the difference between secure businesses that can build and maintain trustworthy relationships with customers and business partners , Implementing As/400 Security to the inventory that you are selling on WonderClubX
X
Add Implementing As/400 Security, In today's networked world, security is crucial. As e-business sweeps the enterprise, effectively protecting data can mean the difference between secure businesses that can build and maintain trustworthy relationships with customers and business partners , Implementing As/400 Security to your collection on WonderClub |