Security

The Y2K Compliance Assessment Tool provides two levels of security:

Server security that is partially implemented by the server components of theY2K Compliance Assessment Tool and by the system administrator
Application security implemented by the client and server components of the Y2K Compliance Assessment Tool applications

This appendix describes both of these security levels.

Server Security

There are two aspects of theY2K Compliance Assessment Tool server security:

Security imposed by the server components
Security imposed by the system administrator

The Y2K Compliance Assessment Tool relies on the security features and capabilities of the Windows NT operating system to protect the data and programs used by the Y2K Compliance Assessment Tool from unapproved access.

Caution
Y2K Compliance Assessment Tool can provide security only when installed on an NTFS filesystem.

Server-Imposed Security

The Y2K Compliance Assessment Tool server provides the following security mechanisms:

Files, file ownership, and permissions---The Y2K Compliance Assessment Tool must be installed by the system administrator and is installed as the user bin. The Windows NT user bin is created at installation time and given a random password that the Y2K Compliance Assessment Tool daemon manager has access to when it is needed. No user of the Y2K Compliance Assessment Tool system should ever have to log into the Windows NT system as the user bin.

: Files installed by Y2K Compliance Assessment Tool are readable by anyone logged into the Windows NT system but files created in the install directory\CSCOpx\files folder are readable only by the bin and administrator users.

Runtime ---The Y2K Compliance Assessment Tool executes some backend processes as system level processes, so there are some programs that run under the system account. These programs are limited in number and controlled by entries in the Windows NT Registry. Only administrators have write access to these Registry entries.
Off machine access ---The Y2K Compliance Assessment Tool daemon manager will not respond to requests to start, stop, register, or show status for Y2K Compliance Assessment Tool backend processes from computers other than the Y2K Compliance Assessment Tool server.

System Administrator-Imposed Security

To maximize Y2K Compliance Assessment Tool server security, follow these system administration guidelines:

Do not allow users who are not responsible for managing the network to have a login to the server.
Do not allow the server file systems to be remotely mounted with any file sharing protocol.
Limit remote access (for example, FTP) to the server to those users who are permitted to log in to the server.
Install the Y2K Compliance Assessment Tool on an NTFS file system because FAT file systems have no access controls.

Application Security

The Y2K Compliance Assessment Tool provides application-level security that allows the administrator to dictate which applications a user can access. The Y2K Compliance Assessment Tool provides this security through a set of five built-in roles:

Help Desk
Approver
Network Operations
Network Administration
System Administration

Each role allows access to a predetermined set of applications, tools, and product features. Refer to the "Getting Started" section of the Y2K Compliance Assessment Tool online help for a detailed chart showing the relationship of user role to application functionality.

When you create a login (every user must log in to the application to use its features), you assign one or more roles to the login. The role or combination of roles dictates which applications are available to the user in the navigation tree (refer to the "Setting Up the Y2K Compliance Assessment Tool" chapter for an explanation of the navigation tree).

Only the system administrator user can assign roles to logins. Y2K Compliance Assessment Tool users can use the administrative tools to change their own password or other aspects of their login.

The Y2K Compliance Assessment Tool comes with two predefined logins:

guest (no password required, user role = Help Desk)

admin (password = admin, user role = super user )

Note The login named admin is the equivalent of the superuser login . This login provides access to all Y2K Compliance Assessment Tool tasks.

To prevent anyone from typing a full path to a Y2K Compliance Assessment Tool URL to avoid the security system, applications will run only in the presence of an authenticated session between the server and client. The session is authenticated as a part of the login process so attempting to avoid the login by entering a URL will fail and the user will be returned to the Login Manager dialog box. The Y2K Compliance Assessment Tool desktop terminates a login session after a period of no use. After termination, attempting to perform any operation returns the user to the Login Manager dialog box.

Table of Contents

Security

Security

Server Security

Server-Imposed Security

System Administrator-Imposed Security

Application Security