Hub/Switch Installation Guide
Chapter 1 HPSS Basics
36 September 2002 HPSS Installation Guide
Release 4.5, Revision 2
• Logging Policy. The logging policy controls the types of messages to log. On a per server
basis, the message types to write to the HPSS log may be defined. In addition, for each
server, options to send Alarm, Event, or Status messages to SSM may be defined.
• SecurityPolicy.Sitesecuritypolicydefinestheauthorizationandaccesscontrolstobeused
for client accessto HPSS. Site policymanagers weredeveloped for controllingaccess from
FTPand/orParallel FTPusing eitherIdent orKerberos credentials.These accessmethods
are supported by request using the hpss_pftpd_amgr and an appropriate authentication
manager. The Policy Manager is no longer supported. The Non-DCE Client Gateway
provides three Security Policies: none, Kerberos, and DCE.
HPSS server authentication and authorization use DCE authentication and authorization
mechanisms. Each HPSS server has configuration information that determines the type
and level of DCE security services available/required for the individual server. HPSS
software uses DCE services to determine a caller’s identity via credentials passed by the
caller to the server. Once the identity and authorization information has been obtained,
eachHPSSserver grants/denies thecaller’srequestbasedonthe accesscontrollist (ACLs)
attached tothe Security object in theserver’s Cell Directory Service (CDS)entry. Access to
the interfaces that modify a server’s internal metadata, generally require control
permission. HPSS security is only as good as the security employed in the DCE cell!
HPSS provides facilities for recording information about authentication and object (file/
directory)creation,deletion,access,and authorizationevents.Thesecurityaudit policyfor
each server determines the records that each individual server will generate. All servers
can generate authentication records, while only the Name and Bitfile Servers generate
other object event records.
• Accounting Policy. The accountingpolicy providesruntime informationto the accounting
report utility and to the Account Validation service of the Gatekeeper. It helps determine
what style of accounting should be used and what level of validation should be enforced.
The two types of accounting are site-style and UNIX-style. The site-style approach is the
traditional type of accounting in use by most mass storage systems. Each site will have a
site-specifictable(AccountMap)thatcorrelatestheHPSSaccountindexnumberwiththeir
localaccountchargecodes.TheUNIX-styleapproachallowsa sitetousetheuser identifier
(UID) for the account index. The UID is passed along in UNIX-style accounting just as the
account index number is passed along in site-style accounting. The hpss_Chown API or
FTP quote site chown command can be used to assign a file to a new owner.
Account Validation allows a site to perform usage authorizationofanaccountforauser. It
isturnedon byenablingtheAccount Validation field. IfAccountValidationisenabled, the
accounting styleinuse atthe siteis determinedby the Accounting Stylefield.Asite policy
module may be implemented by the local site to perform customized account validation
operations. The default Account Validation behavior is performed for any Account
Validation operation that is not overridden by the site policy module.
If AccountValidation isnot enabled, as inpreviousversions of HPSS, theaccounting style
to use is determined by the GECOS field on the user's DCE accountin the DCE registry or
by the HPSS.gecos Extended Registry Attribute (ERA) on the DCE principal in the DCE
registry.
• Location Policy. The location policy defines how Location Servers at a given site will
perform, especially in regards to how often server location information is updated. All
local, replicated Location Servers update information according to the same policy.