Security Policy
The phrase security policy, or policy, is used throughout this book to refer
to an organization's security guidelines. Your site's security policy is the set of
rules that define the sensitivity of the information that is being processed and
the measures that are used to protect the information from unauthorized access. Security
technologies such as Solaris Secure Shell, authentication, RBAC, authorization, privileges, and resource control provide
measures to protect information.
Some security technologies also use the word policy when describing specific aspects of
their implementation. For example, Solaris auditing uses audit policy options to configure
some aspects of auditing policy. The following table points to glossary, man page,
and information on features that use the word policy to describe specific aspects
of their implementation.
Table 1-1 Use of Policy in the Solaris OS
Glossary Definition |
Selected Man Pages |
Further Information |
|---|
audit policy |
audit_control(4), audit_user(4), auditconfig(1M) |
Chapter 28, Solaris Auditing (Overview) |
policy in the cryptographic framework |
cryptoadm(1M) |
Chapter 13, Solaris Cryptographic Framework (Overview) |
device policy |
getdevpolicy(1M) |
Controlling Access to Devices |
Kerberos policy |
krb5.conf(4) |
Chapter 25, Administering Kerberos Principals and Policies (Tasks) |
network policies |
ipfilter(5), ifconfig(1M), ike.config(4), ipsecconf(1M),
routeadm(1M) |
Part III, IP Security, in System Administration Guide: IP Services |
password policy |
passwd(1), nsswitch.conf(4), crypt.conf(4), policy.conf(4) |
Maintaining Login Control |
policy for public key technologies |
kmfcfg(1) |
Chapter 15, Solaris Key Management Framework |
RBAC policy |
rbac(5) |
exec_attr Database |
