System Administration Guide: Security Services
Previous Next

Security Policy

The phrase security policy, or policy, is used throughout this book to refer to an organization's security guidelines. Your site's security policy is the set of rules that define the sensitivity of the information that is being processed and the measures that are used to protect the information from unauthorized access. Security technologies such as Solaris Secure Shell, authentication, RBAC, authorization, privileges, and resource control provide measures to protect information.

Some security technologies also use the word policy when describing specific aspects of their implementation. For example, Solaris auditing uses audit policy options to configure some aspects of auditing policy. The following table points to glossary, man page, and information on features that use the word policy to describe specific aspects of their implementation.

Table 1-1 Use of Policy in the Solaris OS

Glossary Definition

Selected Man Pages

Further Information

audit policy

audit_control(4), audit_user(4), auditconfig(1M)

Chapter 28, Solaris Auditing (Overview)

policy in the cryptographic framework

cryptoadm(1M)

Chapter 13, Solaris Cryptographic Framework (Overview)

device policy

getdevpolicy(1M)

Controlling Access to Devices

Kerberos policy

krb5.conf(4)

Chapter 25, Administering Kerberos Principals and Policies (Tasks)

network policies

ipfilter(5), ifconfig(1M), ike.config(4), ipsecconf(1M), routeadm(1M)

Part III, IP Security, in System Administration Guide: IP Services

password policy

passwd(1), nsswitch.conf(4), crypt.conf(4), policy.conf(4)

Maintaining Login Control

policy for public key technologies

kmfcfg(1)

Chapter 15, Solaris Key Management Framework

RBAC policy

rbac(5)

exec_attr Database

Previous Next