 |
 |
 |
 |
|
|
SAFE/3000 Overview
Today the HP e3000 is used to store and process vital
information for businesses worldwide. The information stored in and the
computing resources of these systems have become valuable commodities,
in many cases essential to the continued success of an organization.
Until recently, the HP e3000 was often used as a stand-alone
minicomputer running a small number of applications for a limited number
of users. The minimal security provided by MPE and third-party
packages was adequate in this limited environment. However, today the
HP e3000 has evolved into a general purpose system running a
diverse set of applications for large user populations. Today's
HP e3000, especially given the introduction of the 900 Series of
processors, can outperform yesterday's, and some of today's, mainframe
systems.
Unfortunately, the security technology needed to ensure a secure
computing environment on these HP e3000s has not evolved along
with the system's power and use. Access, alteration, or
misappropriation of sensitive information along with the loss of system
resources, and processing capability can have a severe, if not
crippling, effect on the users and organizations who depend on their
HP e3000 for accurate and reliable information.
Many challenges face all users of the system, from end users through
system managers to corporate management. These challenges boil down to
the need to adequately protect computing resources, while still
allowing access to resources on the system.
SAFE/3000 addresses these challenges by providing for the
HP e3000 a set of access control and auditing tools which have
previously been available only on larger IBM main frame systems.
SAFE/3000 provides security services in several areas:
- Prevention of unauthorized access at both the system and
file/database level.
- Control of authorized access at both the system and file/database
level.
- Verification of authorized system and file/database access through
an integrated audit facility.
- Detection of unauthorized access attempts at both the system and
file/database level through the audit facility.
These services are provided by SAFE/3000 through access control mechanisms,
audit facilities, and system level security controls.
With SAFE/3000, files may be accessed by multiple users in a secure
and auditable manner. SAFE/3000 allows the owner of a file or database
to control who may access the file or database by:
- specific user-ID,
- MPE access mode (Read, Write, Update, etc.),
- what program is being used to access the data,
- time of day the file or database is being accessed,
- day of week on which the access occurs,
- date on which access happens, and
- what terminal or terminals are being used to access the file.
|
|
In addition to controlling access to regular MPE flat files,
SAFE/3000 may also be used to regulate access to TurboIMAGE databases
and KSAM files as well as controlling the use of system resources such
as logon-ids and terminals.
|
|
This level of control and validation is not available from either
the MPE operating system or other third-party packages. These
constraints may be used individually or in combination to fully specify
access. SAFE/3000's comprehensive access controls ensure that
authorized access by users on the system occurs in a controlled and
verifiable manner, and that unauthorized access is prevented.
SAFE/3000's access rule facility provides this level of control.
Access rules allow the owner of a file to specify with a high-level
English-like syntax how a file is to be accessed by other users. The
access rule facility is a simple yet powerful control mechanism which
can be used not only at the file level, but also to describe how access
is to be granted at the system level where a user logs on.
For more information or a free demo of the product, contact us at
info@allegro.com or (408) 252-2330.
|
|
|
![[3khat16.ico]](../../../img/3khat16.ico)
HP3000![[archive16.gif]](../../../img/archive16.gif "Wayback Archive")