× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. September 2006

RE: User Security Advice

<Vendor comment>

Brian - if at some point you want to include vendor solutions in your
investigations please feel free to look at our solution DetectIT
http://www.safestone.com/products/detectit_map.php

We perform menu, user and application security in a similar way to your
exisiting setup, but with more levels.

<End of vendor comment>

Regards 

Martin A Norman 
Technical Services
SafeStone Technologies 
mnorman@xxxxxxxxxxxxxxxx 
1-800-558-3544 ext. 8018

This email and/or attachments are privileged and confidential and intended
solely for the addressee. If you are not the intended recipient, please
notify us immediately. Disclosure, distribution or copying of this email
other than by the addressee is strictly prohibited. The company does not
warrant that the information is free of a virus or any other defect that may
affect the recipient's computer system and it is your responsibility to scan
attachments (if any).

------------------------------

message: 7
date: Thu, 21 Sep 2006 10:37:52 -0400
from: "Brian Piotrowski" <bpiotrowski@xxxxxxxxxxxxxxx>
subject: User Security Advice

Hi All,

 

Does anyone have any advice on protecting home-grown programs and user
security?  Right now we have a very rudimentary security system that
protects programs based on the users "level".  This level has nothing to
do with the built-in security used by the AS/400.  Instead, there's an
additional PF that houses the username, a security category (ie: "A" for
all programs, "S" for only scanning programs, etc.). and a security
level (3 - can do everything, 0 - can do very little).

 

We're looking at revamping our entire security system to make it more
granular.  Instead of having a broad security level such as "A3", I'm
looking to go right down to the menu items and restrict on that.  So if
we have "001 - Production Control, 002 - Trailer Control, 003 - User
Profiles", I would have the user maintenance program allow access to
001, and 003 for a user, but restrict them from using 002.

 

However, we have almost 275 programs spread across 15 menus, so a user's
profile may be large because in addition to their name and password,
they will have an extra 275 fields that will have a "Y" or "N" in them
to restrict their access to the programs.  Furthermore, when new menu
items are added, I will need to go into the user profile program and
update all records.  So I'm not sure if this is a viable solution.

 

I thought I'd consult the group for some advice, since I'm sure there
are others who have done this before.  If not, are there any good
Redbooks that cover this issue or has everyone rolled out their own
security solutions?

 

Thanks!

 

/b;

 

-=-=-=-=-=-=-=-=-=-=-=-=-=-

Brian Piotrowski

Assistant Mgr. - I.T.

Simcoe Parts Service, Inc.

Ph: 705-435-7814 x343

Fx: 705-435-6746

-=-=-=-=-=-=-=-=-=-=-=-=-=-

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.