The AS/400 family of systems covers a wide range of users. A small system might have three to five users, and a large system might have several thousand users. Some installations have all their workstations in a single, relatively secure, area. Others have widely distributed users, including users who connect by dialing in and indirect users connected through personal computers or system networks. Security on the AS/400 system is flexible enough to meet the requirements of this wide range of users and situations. You need to understand the features and options available so that you can adapt them to your own security requirements. This chapter provides an overview of the security features on the system.
System security has three important objectives:
- Protecting against disclosing information to unauthorized people.
- Restricting access to confidential information.
- Protecting against curious system users and outsiders.
- Protecting against unauthorized changes to data.
- Restricting manipulation of data to authorized programs.
- Providing assurance that data is trustworthy.
- Preventing accidental changes or destruction of data.
- Protecting against attempts by outsiders to abuse or destroy system resources.
System security is often associated with external threats, such as hackers or business rivals. However, protection against system accidents by authorized system users is often the greatest benefit of a well-designed security system. In a system without good security features, pressing the wrong key might result in deleting important information. System security can prevent this type of accident. The best security system functions cannot produce good results without good planning. Security that is set up in small pieces, without planning, can be confusing. It is difficult to maintain and to audit. Planning does not imply designing the security for every file, program, and device in advance. It does imply establishing an overall approach to security on the system and communicating that approach to application designers, programmers, and system users.
As you plan security on your system and decide how much security you need, consider these questions:
- Is there a company policy or standard that requires a certain level of security?
- Do the company auditors require some level of security?
- How important is your system and the data on it to your business?
- How important is the error protection provided by the security features?
- What are your company security requirements for the future?
NIST C2 Security
For the few of you requiring the highest level of security, the System i is capable of achieving NIST "C2" level security with just a few system settings!
By using security level 50 and following the instructions in the Security - Enabling for C2, SC41-5303-00, you can bring your AS/400 system to a C2 level of security. C2 is a security standard defined by the U.S. government in the Department of Defense Trusted System Evaluation Criteria (DoD 5200.28.STD). You may wonder why you would want to have a C2 rating. Your ability to apply for and be successfully hired as a contractor for projects within the government may require that your system runs at the C-2 level of security. In October, 1995, AS/400 formally received a C2 security rating from the United States Department of Defense. The C2 rating is for V2R3 of OS/400, SEU, Query/400, SQL, and Common Cryptographic Architecture Services/400. The C2 rating was awarded after a rigorous, multi-year period of evaluation. AS/400 is the first system to achieve a C2 rating for a system (hardware and operating system) with an integrated, full-function database.
In 1998, AS/400 received a C2 rating for Version 4 Release 1 of OS/400, SEU, Query/400, SQL, and AS/400 Advanced Series Hardware. IBM is currently pursuing C2 ratings for additional hardware and releases of the operating system. To achieve a C2 rating, a system must meet strict criteria in the following areas:
- Discretionary access control
- User accountability
- Security auditing
- Resource isolation