Managing optical security and auditing

 

You can secure information on optical media by using i5/OS^® security functions. The level of security available depends on the optical media format of the volume. You can use an authorization list to secure all optical volumes. This includes all volumes in CD-ROM, DVD, LAN-attached, directly-attached, and virtual optical devices. Universal Disk Format (UDF) volumes provide directory- and file-level security in addition to authorization list security. Optical support provides ways to prevent unauthorized access and processing of data that is stored on optical volumes. Optical support does this by verifying a requester’s rights to specific optical volumes before attempting the following requests:

• Open file or directory

• Create directory

• Delete file or directory

• Rename file

• Initialize or rename volume

• Remove cartridge

• Change or retrieve attributes

• Copy

• Backup or convert backup

• Save or release held files

• Read sectors

• Save optical volume storage

• Restore optical volume storage

• Check optical volume for damaged files

Along with security for optical volumes, directories, and files, auditing of access to optical objects is also available.

• Using authorities required for optical functions
  This topic describes the various levels of user authority and the types of access associated with them.
• Specifying an authorization list
  This topic explains how to secure volumes with an authorization list during the import process.
• Changing the authorization list to secure an optical volume
  You can change the authorization list that is used to secure an optical volume in a CD-ROM device or an optical media library.
• Retaining the authorization list when removing optical volumes
  The relationship between an optical volume and an authorization list is maintained in the optical index database.
• Mapping the authorization list to an optical volume
  The name of the authorization list used to secure an optical volume is kept in an optical index database file.
• Managing directory- and file-level security
  Directory- and file-level security is available for Universal Disk Format (UDF) volumes.
• Optical auditing
  Many optical operations can be audited.

 

Parent topic:

Optical storage

Related concepts
Directory and file security