White Paper

Audience
This white paper is for security administrators responsible for defining and implementing host audit
security policies, and for system administrators responsible for configuring and managing HP-UX. This
white paper provides guidance to administrators for planning, deploying, configuring, and managing
the HP-UX Auditing System features on HP-UX 11i v2 with HP-UX Standard Mode Security Extensions
(SMSE) installed and on HP-UX 11i v3 with HP-UX Auditing System Extensions installed. In addition,
the white paper provides Best Practices that you can use to address certain compliance criteria. You
can compare these settings with your internal security policy and any compliance criteria that must be
satisfied.
Note
This paper does not address auditing on a system converted to trusted
mode.
Introduction
The purpose of auditing is to selectively record security-relevant events for analysis and for detection of
security breaches. The auditing system records instances of access by subjects (users and processes) to objects
(files, devices, and other resources) on the system, and enables you to detect attempts to bypass the protection
mechanism for objects, including the misuse of privileges. Auditing also helps expose potential security
weaknesses in the system. Many regulations, such as PCI, HIPAA, and Sarbanes-Oxley, require some form of auditing.
In the past several years, industry and government oversight of businesses has increased dramatically.
Guidelines and laws have been defined that require businesses to protect information and to impose
more significant penalties for failure to do so. This protection of information goes beyond internal
corporate information and extends to the privacy of customer data and practices for the protection of
business operations and infrastructure. Adherence to these regulations is generally referred to as
regulatory compliance or, simply, compliance. Businesses must demonstrate appropriate internal IT
controls or face penalties for noncompliance. Significant regulations include the following:
Sarbanes-Oxley (SOX) – Pertains to protection of public company financial data
PCI – Pertains to customer credit card information
HIPAA – Pertains to healthcare information
Gramm-Leach-Bliley Act – Pertains to financial institutions
Safe Harbor – Pertains to international privacy protection
SEC/OCC – Pertains to US financial securities (for example, stocks)
Most of these regulations do not mandate specific security mechanisms or processes, but they define
high-level practices to which businesses must adhere. Each business must determine the appropriate
processes and mechanisms to meet the specified practices, and auditing is one of the controls commonly used to demonstrate that it has done so.