CA IDMS Security Technical Implementation Guide
Rules, Groups, and Values defined within the XCCDF Benchmark
-
SRG-APP-000133-DB-000362
Group -
Databases must be secured to protect from structural changes.
Database objects, like areas and run units, can be changed or deleted if not protected. Steps must be taken to secure these objects via the external security manager (ESM). Satisfies: SRG-APP-0001...Rule Medium Severity -
SRG-APP-000133-DB-000362
Group -
Database utilities must be secured in CA IDMS and permissions given to appropriate role(s)/groups(s) in the external security manager (ESM).
IDMS has tasks that are used to perform necessary maintenance, but in the wrong hands could damage the integrity of the DBMS. Tasks that can change database structure must be protected. Satisfies:...Rule Medium Severity -
SRG-APP-000133-DB-000362
Group -
The online debugger which can change programs and storage in the CA IDMS address space must be secured.
If the DBMS were to allow any user to make changes to database structure or logic, then those changes might be implemented without undergoing the appropriate testing and approvals that are part of ...Rule Medium Severity -
CA IDMS must secure the ability to create, alter, drop, grant, and revoke user and/or system profiles to users or groups.
Even when using an external security manager (ESM), IDMS system and user profiles which reside in an IDMS user catalog may be assigned to users or groups. The ability to administer user and system ...Rule Medium Severity -
SRG-APP-000141-DB-000090
Group -
The EMPDEMO databases, database objects, and applications must be removed.
Demonstration and sample database objects and applications present publicly known attack points for malicious users. These demonstration and sample objects are meant to provide simple examples of c...Rule Low Severity -
SRG-APP-000141-DB-000091
Group -
Default demonstration and sample databases, database objects, and applications must be removed.
Information systems are capable of providing a wide variety of functions and services. Some of the functions and services, provided by default, may not be necessary to support essential organizatio...Rule Low Severity -
SRG-APP-000141-DB-000092
Group -
IDMS components that cannot be uninstalled must be disabled.
DBMSs must adhere to the principles of least functionality by providing only essential capabilities. At installation, all CA IDMS products are installed but can be disabled (i.e., forced to fail if...Rule Low Severity -
SRG-APP-000142-DB-000094
Group -
IDMS nodes, lines, and pterms must be protected from unauthorized use.
In order to prevent unauthorized connection of devices, unauthorized transfer of information, or unauthorized tunneling (i.e., embedding of data types within data types), organizations must disable...Rule Medium Severity -
SRG-APP-000148-DB-000103
Group -
SRG-APP-000164-DB-000401
Group -
DBMS authentication using passwords must be avoided.
Passwords that are easy to guess open a vulnerability allowing an unauthorized user to potentially gain access to the DBMS. IDMS uses the External Security Manager (ESM) to enforce complexity and l...Rule Medium Severity -
SRG-APP-000172-DB-000075
Group -
Passwords sent through ODBC/JDBC must be encrypted.
Unencrypted passwords transmitted from ODBC and JDBC may be intercepted to prevent their being intercepted in a plain-text format.Rule Low Severity
Node 2
The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.