The following are environmental characteristics that are required to administer Adaptive Server in a secure manner:
Authorized administrators must be non-hostile, appropriately trained and follow all administrator guidance.
The IT environment must provide support commensurate with the expectations of the Adaptive Server.
The IT environment must provide a time source that provides reliable time stamps. Generally, this is provided by the hardware.
The IT environment must provide protection to the Adaptive Server and its assets from external interference or tampering.
The system administrator will provide authorized administrators with the necessary information for secure management of Adaptive Server.
Adaptive Server must be installed, configured, managed and maintained in accordance with its guidance documentation and applicable security policies and procedures by appropriately trained and trusted administrator personnel.
System administrators will follow Adaptive Server System Administration guidelines to establish and maintain security.
There will be no general-purpose computing capabilities (e.g., compilers or user applications) available on Adaptive Server servers, other than those services necessary for the operation, administration and support of the DBMS.
Physical security must be provided within the domain for the value of the IT assets protected by Adaptive Server and the value of the stored, processed, and transmitted information.
The IT environment and its assets will be protected from external interference, tampering or unauthorized disclosure.
Each IT entity Adaptive Server relies on for security functions will be installed, configured, managed, maintained and provide the applicable security functions in a manner appropriate to the IT entity, and consistent with the security policy of Adaptive Server and the relationship between them.
Administrators must not leave sessions unattended.
| Copyright © 2004. Sybase Inc. All rights reserved. | ||
