× Discuss about Archiving, Close of Business, Delivery Setup, Security Management System, Global Processing etc…

ADMINISTRATION OF PRIVILEGES IN T24

  • AIME CLAUDE
  • Topic Author
  • Offline
  • New Member
  • New Member
More
3 years 6 months ago #22975 by AIME CLAUDE
ADMINISTRATION OF PRIVILEGES IN T24 was created by AIME CLAUDE
How can we ensure privileged users e.g Administrators, cannot monitor themselves, since they can alter security controls to conceal their irregular activities?

Please Log in or Create an account to join the conversation.

  • VK
  • VK's Avatar
  • Offline
  • Platinum Member
  • Platinum Member
  • Globus|G09-G13 TAFC|R05-R23 TAFJ|R19,R23-test
More
3 years 6 months ago - 3 years 6 months ago #22979 by VK
Replied by VK on topic ADMINISTRATION OF PRIVILEGES IN T24
Hi
the matter is quite complex.
You haven't mentioned your architecture but for TAFC / jBASE database here are some thoughts:

On T24 level activities you can monitor F.PROTOCOL (first make sure that all users have in F.USER record):
  25 SIGN.ON.OFF.LOG... Y
  26 SECURITY.MGMT.L... Y
  27 APPLICATION.LOG... Y
  28 FUNCTION.ID.LOG... Y

Then you'll need a trigger either on F.PROTOCOL (catch record amend or delete) and F.USER (amend).
Then you need to somehow monitor trigger disabling / enabling again. This partially can be done using another trigger - on \tmp\jutil_ctrl (in TAFC folder) to catch jsh level commands (including JED). Still it won't help you if user launches OS shell from jsh and types a command there.

Bottom line: near to impossible. Better hire appropriate people that you can trust and/or use other approach of employees control (out of my scope).

Cheers
VK
Last edit: 3 years 6 months ago by VK.

Please Log in or Create an account to join the conversation.

Time to create page: 0.101 seconds