This section describes the use of the System Security Maintenance (SSM) utility, which is available in the SYSMAN account. It provides an overview of the security facilities that can be configured using SSM and describes how to use it.
Note: Other security controls can be set up at account and file level; these are described in Database Account Management.
SSM also allows you to set up operating environments. These are combinations of settings that change the way in which Reality functions. They can be used for backwards compatibility with earlier versions of Reality or to simplify migration from other MultiValue system.
SSM allows you to set up network, user and security profiles which define the security characteristics for a user. These profiles are stored as items in the NETWORK, USERS and SECURITY files, respectively; these are system files located in the SYSMAN account.
Network Profiles are set up using SSM Option 1 – Define Network Profiles. They define the characteristics and some security restrictions that are always applied when logging on from a particular physical location or group of locations. Additional security can be applied for particular locations depending on the user-id. Network Profiles are identified by Physical Location Identifiers (PLIds or partial PLIds) and are held as items in the NETWORK file. PLIds are explained in the topic Location-Based Security.
These are set up using SSM Option 3 – Define Security Profiles. They define allowed and disallowed database access and can be assigned to particular user-ids and locations (PLIds) via the user profile. They are identified by profile-ids and are held as items in the SECURITY file. Refer to Security Profile for more details.
Environments are combinations of settings that change the way in which Reality functions. For example, you might create an Environment for backwards compatibility with an earlier version of Reality or to simplify migration from a different type of MultiValue system. Several predefined Environments are provided, which you can use either directly or as templates for creating your own Environments (see SSM Option 4 – Define Environment Settings and Environment Options).
It is recommended that you associate the environments you create with user profiles so that each user is given a suitable profile at log on (see SSM Option 2 – Define User Profiles). An option in the user's security profile allows you specify the action to be taken if the operating environment specified for the user cannot be found or is invalid.
You can also apply an environment when needed with the
SET-ENVIRONMENT
TCL command, and you can set and clear the individual environment options with the
The options that are currently set can be listed with LIST CUSTOM.OPTIONS.
Data encryption makes your data more secure and also allows you to control which users can access particular files. SSM Option 5 – Encryption Key Maintenance allows you to set up the encryption keys that will both protect and provide access to your data.