UniAccess WHITE PAPERS LAST UPDATED: Dec. 28, 2004 Applied Information Sciences UniAccess Security Options There are various methods of utilizing security in the UniAccess for OS 2200 environment. This document discusses both client-based security and server-based security. Client-Based Security ...................................................................................................................1 Operating System Security ........................................................................................................1 Application Security ..................................................................................................................2 Open Client/ODBC Security .....................................................................................................2 Server-Based Security...................................................................................................................3 Operating System - Unisys OS 2200 Security ...........................................................................3 Local Security - Logon/Logoff Transactions ............................................................................3 UniAccess User Validation .......................................................................................................4 Application Security ..................................................................................................................4 Database Security RDMS 2200 Security ..................................................................................4 References .....................................................................................................................................5 Client-Based Security Operating System Security The level of security provided by the operating system is dependent upon the platform. Microsoft Windows 98, Windows Millennium Edition, Windows NT, Windows 2000, Windows XP, and Windows Server 2003 can be configured to provide various levels of operating system security. Windows NT, Windows 2000, Windows XP, Windows Server 2003, and follow-on systems provide file security using the NTFS file system. Applications using the UniAccess ODBC driver must be granted access to the executable code and to the TEMP directory, which is used to store a temporary file used by the driver. A given system may have multiple TEMP directories. The location of the TEMP directory is specified via environment variables. Typical end user ODBC applications (e.g., Microsoft Access) run in the user’s context and generally will have access to the TEMP directory. Middle-tier applications (e.g., web based applications using IIS) generally run in the context of the IIS service and generally Applied Information Sciences 1 will not have access to the SYSTEM TEMP directory by default. Applications using the UniAccess ODBC driver will require access to the following directories. Folder Required Permission Comments Directory pointed to by system variable “Temp” Read/Write/Delete Location used by UniAccess Driver to generate config file. C:\Program Files\Applied Information Sciences\UA9R2\dll\ Read/Execute For UniAccess driver DLLs loaded by the web application. In addition, ODBC applications using a DSN must also have access to the DSN. All users of a system will have access to SYSTEM DSNs. The owner of a USER DSN will be the only user granted permission to use that DSN. Access to file DSNs is controlled by access to the underlying file. The UADTC service must be configured to use a valid logon account, when distributed transactions are initiated using the UADTC service. Note: The installation of the UniAccess ODBC driver does not change the security of the TEMP directory nor allow access to the UniAccess ODBC driver executable code by anyone other than the installer and administrators. If access to these files is required, the security of the directories should be modified. Application Security The level of security provided by the application is unique to each application’s implementation. A number of ODBC, ODBC.Net, OLE DB, ADO, and ADO.Net applications include application-level security and user control. Some of the common restrictions implemented at this level are: Restrict a user to a subset of functionality Limit the tables, views, or columns that can be viewed Limit the volume of data that is returned Limit the time allowed to process a request. Open Client/ODBC Security Both the Open Client interface and the ODBC interface provide for user identification via user ID and password. The user ID and password are forwarded for authentication. Server-Based Security Operating System - Unisys OS 2200 Security TIP Session Control is a configurable option of OS 2200. If TIP Session Control is configured: 1. The UniAccess Communications Server (UACS) will open a TIP session with the operating system as part of establishing the client connection. UACS passes the user ID and password directly to the operating system for validation. If the operating system rejects the request to open a TIP session, the client connection will be rejected. 2. All of the Unisys OS 2200 and RDMS 2200 security features can be utilized. UniAccess does not impose any special constraints upon the security environment. 3. The security officer establishes a security record for each end user of the transaction system. A user security record specifies a set of attributes that determines how each end user can use the transaction system. TIP Session Control can be used with or without any of the other security interfaces. Local Security - Logon/Logoff Transactions UniAccess provides an optional Security API. The Security API can be used to interface to local, or third party security packages. The UniAccess Security API calls a specified logon transaction when a client application connects to the server. UACS passes the user ID, the password, and the PID used for the session to the logon transaction. The Security API can also be configured to call a logoff transaction when the client disconnects. The UniAccess Security API has provisions to allow the local security application to: accept a logon request deny a logon request indicate that the password has expired deny an individual transaction request indicate that the session has timed out. If both TIP Session Control and the Security API are in use, the TIP session will be established before the logon transaction is called. The Security API can be used with or without any of the other security interfaces. Applied Information Sciences 2 UniAccess User Validation UniAccess provides configuration options for UACS to validate the user ID. The security related items that can be configured on a user-by-user basis with UACS user validation are: Validate that the user ID passed on the client connect request is configured in the UniAccess Configuration File. Allow or restrict the ability to update the database via UARS. Allow or restrict the ability to change their default database via UARS or UAHS. Control the communications server used by a UniAccess Transaction Client. Limit the number of rows returned by UARS. Allow or restrict user defined transactions (i.e., BEGIN TRAN). UniAccess User Validations can be used with or without any of the other security interfaces. Application Security The UniAccess Server Library provides customer- written applications with the user ID and password. These may be utilized within the application to provide application specific security. Database Security RDMS 2200 Security RDMS 2200 security is always used by UARS. RDMS security is not in effect for user written transactions when TIP Session Control is not configured. Some of the features of RDMS are: Access is controlled based on user ID. If TIP Session Control is active, the user ID has been validated by the operating system. Access control for tables in both owned schemas and unowned schemas is available. Access control can be configured at a view level. This means that the user can access the data visible within the view, but cannot access the underlying table or tables directly. For example, in an employee table you can configure security to allow a manager full access to all employees in their department but restrict access to all other employees. Access is controlled using SQL commands (GRANT and REVOKE). Applied Information Sciences 3 References For further information, refer to the following manuals: UniAccess System Administration Guide Unisys Security User Guide Unisys RDMS Administration Guide DISCLAIMER Permission to use this document is granted, provided that (1) this permission, as well as the disclaimer and copyright notice that follow appear in all copies, (2) use of this document is for informational and non-commercial or personal use only, and (3) the document is not modified in any way. APPLIED INFORMATION SCIENCES, INC. AND/OR ITS RESPECTIVE SUPPLIERS MAKE NO REPRESENTATIONS ABOUT THE SUITABILITY OF THE INFORMATION CONTAINED IN THIS DOCUMENT FOR ANY PURPOSE. THIS DOCUMENT IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. APPLIED INFORMATION SCIENCES, INC. AND/OR THEIR RESPECTIVE SUPPLIERS HEREBY DISCLAIM ALL WARRANTIES AND CONDITIONS WITH REGARD TO THIS INFORMATION, INCLUDING ALL IMPLIED WARRANTIES AND CONDITIONS OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE AND NON-INFRINGEMENT. IN NO EVENT SHALL APPLIED INFORMATION SCIENCES, INC. AND/OR THEIR RESPECTIVE SUPPLIERS BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF INFORMATION AVAILABLE IN THIS DOCUMENT. THIS DOCUMENT COULD INCLUDE TECHNICAL INACCURACIES OR TYPOGRAPHICAL ERRORS. CHANGES ARE PERIODICALLY ADDED TO THE INFORMATION HEREIN. APPLIED INFORMATION SCIENCES, INC. AND/ OR THEIR RESPECTIVE SUPPLIERS MAY MAKE IMPROVEMENTS AND/OR CHANGES IN THE PRODUCT(S) AND/OR THE PROGRAM(S) DESCRIBED HEREIN AT ANY TIME. IN NO EVENT SHALL APPLIED INFORMATION SCIENCES, INC AND/OR ITS RESPECTIVE SUPPLIERS BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF SOFTWARE, DOCUMENTS, PROVISION OF OR FAILURE TO PROVIDE SERVICES, OR INFORMATION AVAILABLE FROM THIS SERVER. COPYRIGHT NOTICE. Copyright 2004 Applied Information Sciences, Inc., 1850 Centennial Park Drive, Reston, Virginia, 20191 U.S.A. All rights reserved. TRADEMARKS. Product and company names mentioned herein may be the trademarks of their respective owners. Any rights not expressly granted herein are reserved. Applied Information Sciences 54