June 30, 2012
Secure Data Access Control
Data volumes are growing, and along with them, the need to control who has access to what. Financial and health care industries are fraught with stories of inappropriate access. Institutional and government regulations will continue to increase with the value and sensitivity of this data. Take control of your data access today. To protect your sensitive data, c‑treeACE offers an extensive range of access controls, security options and data encryption capabilities. This includes a wide array of utilities and settings to administer these controls.
Start with basic user access controls.
c‑treeACE Security Administrator is a client tool designed to easily manage c‑treeACE users. Its graphical interface provides an intuitive view to create, delete, and manage c‑treeACE users and user groups. The c‑treeACE Security Administrator tool is recommended for system administrators to quickly and easily manage user accounts.
- Add, Delete and Modify Users
- Change User Passwords
- Create, Modify and Delete Groups
- Modify File Security Attributes
- Change File Passwords
c‑treeACE access controls are modeled on traditional Unix security. Access to c‑treeACE is controlled through three basic levels:
- User access restrictions
- Group-based restrictions
- File Ownership and permissions masks
  - WORLD
  - OWNER
  - GROUP
See: c-treeACE Access Configuration
Users
When an application connects to c‑treeACE, it must identify itself. The identifying code is called the User ID. To gain access, the User ID must already be authorized as a valid User ID. A password for the User ID may also be required. Error 450 is returned if the user is not an authorized user. Error 451 is returned if the password supplied for that User ID is invalid.
There are three principal user accounts:
- Administrator ADMIN account – This “super user” account is pre-set and unchangeable with the User ID of ADMIN. This password should always be changed upon first usage and protected from
- Unique User IDs – An Administrator can create new User IDs (and passwords) for other users, who then log onto c‑treeACE with these names. This includes new members to the ADMIN group with limited Administrator capabilities.
- Guest Users – An application program can be designed to log onto c‑treeACE without requiring the user to supply a User ID and without supplying an application-based User ID. When no User ID is supplied to c‑treeACE, that user is automatically assigned the special User ID “GUEST” for that session.
User IDs consist of up to 31 characters, are case insensitive, and can include letters, numbers, and punctuation marks.
Passwords consist of up to 9 characters, are case sensitive, and can include letters, numbers, and punctuation marks.
The following User Attributes can be maintained:
- Memory Limits
- Memory Rule (absolute, guideline, default — USR_MEM_RUL)
- First valid date
- Last valid date
- Limit consecutive logon failures (LOGON_FAIL_LIMIT)
Groups
c‑treeACE maintains a guest group, to which User IDs are associated if they are not assigned to any Administrator-defined Group ID. This means every User ID is associated with at least one group (that is, either the GUEST Group or a Group ID).
Group names consist of up to 31 characters, are case insensitive, and can include letters, numbers, and punctuation marks.
The following Group Attributes can also be maintained:
- Memory limits
File Ownership and Permission Masks
File ownership is determined by the User ID that created a file. Ownership can be changed by the ADMIN Administrator account. File permission masks are then used to further refine file access by other users. These mimic traditional Unix-based permissions.
- READ
- WRITE (Add, update and delete)
- DEFINE (Schemas, passwords, etc)
- DELETE
In addition, filesystem protection is of utmost importance in protecting your c‑treeACE files. c‑treeACE defaults to Unix permissions of 0660 (read/write access for owner and group, no world access) for created files. This can be configured further with the FILE_CREATE_MODE configuration option.
FYI: User, group, and file permission information, including password hashes, is stored in the encrypted FAIRCOM.FCS file. Should this file ever be lost or damaged, ALL user information is permanently lost. Protect this file from loss by regularly backing it up to persistent media. This file should always be included in your c‑treeACE dynamic dump scripts.
If this file is missing on startup, the server always generates a new, empty FAIRCOM.FCS file containing only the default ADMIN “super user” account.
Additional Server Side Logon Controls:
Advanced controls can be established over user access for enterprise level security needs. c‑treeACE configuration options set the default number of consecutive logon failures to allow, the default time to deny logon attempts after the failure limit is reached, and the beginning and ending dates for User IDs.
- LOGON_FAIL_LIMIT <logon limit>
- LOGON_FAIL_TIME <minutes>
- LOGON_MUST_TIME <minutes>
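An added example, not FairCom code: a small audit of server configuration text for the FILE_CREATE_MODE and LOGON_* keywords described above, useful as a pre-deployment check. The `;` comment syntax, the sample values, and the policy thresholds (`max_fail_limit`, `min_fail_minutes`) are assumptions, not product defaults.

```python
# Constructed sample; keywords are the ones named on this page, values are made up.
SAMPLE_CONFIG = """\
; constructed example, ';' is assumed to start a comment
FILE_CREATE_MODE 0666
LOGON_FAIL_LIMIT 0
LOGON_FAIL_TIME 5
"""

def parse_config(text):
    """Map KEYWORD -> value string for 'KEYWORD value' lines."""
    settings = {}
    for raw in text.splitlines():
        parts = raw.split(";", 1)[0].split(None, 1)
        if parts:
            settings[parts[0].upper()] = parts[1].strip() if len(parts) > 1 else ""
    return settings

def audit(settings, max_fail_limit=5, min_fail_minutes=15):
    """Return (keyword, finding) pairs; thresholds are site policy (assumed)."""
    findings = []
    mode_text = settings.get("FILE_CREATE_MODE")
    if mode_text is not None:
        try:
            mode = int(mode_text, 8)
        except ValueError:
            findings.append(("FILE_CREATE_MODE", "not an octal mode"))
        else:
            if mode & 0o007:
                findings.append(("FILE_CREATE_MODE", "grants world access"))
            elif mode & ~0o660:
                findings.append(("FILE_CREATE_MODE", "broader than 0660"))
    for keyword in ("LOGON_FAIL_LIMIT", "LOGON_FAIL_TIME", "LOGON_MUST_TIME"):
        text = settings.get(keyword)
        if text is None:
            findings.append((keyword, "not set, server default applies"))
            continue
        try:
            value = int(text)
        except ValueError:
            findings.append((keyword, "not an integer"))
            continue
        # Assumption: a failure limit below 1 does not lock accounts out.
        if keyword == "LOGON_FAIL_LIMIT" and not 1 <= value <= max_fail_limit:
            findings.append((keyword, "outside 1..%d" % max_fail_limit))
        # Negative lockout times are not judged here.
        if keyword == "LOGON_FAIL_TIME" and 0 <= value < min_fail_minutes:
            findings.append((keyword, "lockout shorter than %d minutes" % min_fail_minutes))
    return findings
```

Call `audit(parse_config(text))` on the configuration text; an empty list means nothing was flagged under the chosen thresholds.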
Other useful access control utilities include:
- The command line ctadmn utility;
- ctpass, for client side password changes;
- a scriptable sa_admin utility for flexible configuration deployments;
- and a complete administration API.