Skip to content

CA IDMS Security Technical Implementation Guide

Rules, Groups, and Values defined within the XCCDF Benchmark

  • IDMS must protect against the use of numbered exits that change the userid to a shared id.

    <VulnDiscussion>Non-repudiation of actions taken is required to maintain data integrity. Examples of particular actions taken by individuals ...
    Rule Low Severity
  • SRG-APP-000080-DB-000063

    <GroupDescription></GroupDescription>
    Group
  • IDMS must protect against the use of web-based applications that use generic IDs.

    &lt;VulnDiscussion&gt;Web-based applications that allow a generic ID can be a door into IDMS allowing unauthorized changes whose authors may not be...
    Rule Low Severity
  • SRG-APP-000080-DB-000063

    <GroupDescription></GroupDescription>
    Group
  • IDMS must protect against the use web services that do not require a sign on when actions are performed that may be audited.

    &lt;VulnDiscussion&gt;IDMS web services provide a way for web-based applications to access an IDMS database. If not secured, the Web services inter...
    Rule Low Severity

The content of the drawer really is up to you. It could have form fields, definition lists, text lists, labels, charts, progress bars, etc. Spacing recommendation is 24px margins. You can put tabs in here, and can also make the drawer scrollable.

Capacity
Modules