Title: The Digital way of working
Moderator: QUARK::LIONEL ON
Created: Fri Feb 14 1986
Last Modified: Fri Jun 06 1997
Last Successful Update: Fri Jun 06 1997
Number of topics: 5321
Total number of notes: 139771
2948.0. "Client Server Security" by NYOS02::WALKER () Mon Mar 21 1994 10:31
I am having Client Server security issues with a new customer, which
apparently are not unique. I have reviewed the following with Colorado and
with a security group, with little success to date. Anyone have suggestions?
I have posted this in the ODBC and SQL notes conferences too. Thanks.
Customer XYZ wants help with 2 point security issues. They are developing
a client server application as follows: VAX/VMS server system with an
Rdb database. 60 remote MS-Windows PC clients connected to the VAX by
Pathworks TCP/IP. The application on the PCs is written using MS-Access.
It uses the ODBC Driver and SQL to interact with the server database.
When the PC system is booted, Pathworks is also started up and a
connection is established - PCSAV4.1 file services, read only and a
virtual disk, D:.
When the application is started (via an ICON), sign on and verification
is established. A C program on the PC collects username and password. ODBC
passes this to SQL services on the VAX for verification. On verification,
the user is assigned to a server process. An invalid user can't sign on,
but this is a network login and many interactive security features are not
available. For example, the user is not informed of password expiration
dates.
The 2 point issues are:
1. Customer XYZ wants to know who signs in from which remote sites.
The SYS$MANAGER:SQLSRV$.LOG file logs messages about INVALID attempts.
It documents user, TCP/IP address, etc. XYZ would also like this
information for VALID attempts. They want to make sure that they know
if a user logs in from a different remote site. This would involve (I
guess) either an SQL or some other management parameter change or perhaps
a modification of some sort to the SQL logging program. The customer
has called product support without success. He says their response is
basically "Uh, that sounds like a good idea". I am in the process of
following up to see if there is a better answer.
(ONLY POSSIBLE ANSWER I HAVE HERE IS TO USE Rdb V. 6.0 FUNCTION CALL OUTS
AND HAVE PC APPLICATION USE THESE TO FORCE A ROUTINE WHICH WILL WRITE OUT
TO SYS$OUTPUT, WHICH WILL GO INTO .LOG FILE. HOWEVER, WE ARE NOT USING
V 6.0 OF Rdb.)
2. XYZ wants to provide the same (or similar) security features for
the remote application user that an interactive login user has. They
are specifically insistent that the remote user should be able to get a
message requesting that their password is about to expire and that they
must change it (like an interactive VMS user). The ODBC interface passes
username and password and prevents invalid login. But it does not force
or even allow these other interactive features. XYZ wants to know how
this can be done, even if programming needs to be involved.
(NO ANSWER HERE.)
I am looking for an answer to question 1 and an answer or a strategy for
question 2. 16 hours of consulting could be easily justified. Any
security implementation could be additional, especially if programming
were required. Telephone conversation can be easily arranged with John
Doe, the XYZ customer.
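
The check asked for in issue 1, as an added example that is not part of the original note and is not SQL/Services code: given records of valid sign-ons, it lists the addresses each user connects from and flags a valid sign-on from an address not seen before for that user. The record layout, usernames and addresses are constructed assumptions, since the note does not show the SQLSRV$.LOG format and says valid attempts are not logged there.

```python
import re
from collections import defaultdict

# Constructed record layout (an assumption): the note does not show the format
# of SQLSRV$.LOG, only that it records the user and the TCP/IP address.
RECORD = re.compile(
    r"^(?P<ts>\S+ \S+) +CONNECT +(?P<status>VALID|INVALID) +"
    r"user=(?P<user>\S+) +addr=(?P<addr>\d{1,3}(?:\.\d{1,3}){3})$"
)

# Constructed sample records; users and addresses are made up.
SAMPLE_LOG = """\
1994-03-21 08:02:11 CONNECT VALID   user=JSMITH addr=10.1.4.17
1994-03-21 08:05:40 CONNECT VALID   user=MJONES addr=10.1.7.22
1994-03-21 08:09:03 CONNECT INVALID user=JSMITH addr=10.1.9.80
1994-03-22 08:01:55 CONNECT VALID   user=JSMITH addr=10.1.4.17
1994-03-22 13:47:19 CONNECT VALID   user=jsmith addr=10.1.9.80
garbled line that does not parse
"""


def review_logins(log_text, baseline=None):
    """Return (sites, alerts, rejected) for the valid sign-ons in log_text.

    sites    -- user -> set of addresses seen (who signs in from where)
    alerts   -- valid sign-ons from an address new for an already-known user
    rejected -- non-blank lines that did not parse, kept for manual review
    """
    sites = defaultdict(set)
    for user, addrs in (baseline or {}).items():
        sites[user.upper()].update(addrs)
    alerts, rejected = [], []
    for line in log_text.splitlines():
        m = RECORD.match(line.strip())
        if not m:
            if line.strip():
                rejected.append(line)
            continue
        if m["status"] != "VALID":
            continue  # a failed attempt must not add an address to the baseline
        user = m["user"].upper()  # VMS usernames are case-insensitive
        addr = m["addr"]
        if sites[user] and addr not in sites[user]:
            alerts.append((m["ts"], user, addr, sorted(sites[user])))
        sites[user].add(addr)
    return dict(sites), alerts, rejected
```

A user's first recorded sign-on only seeds the baseline; passing a `baseline` built from earlier logs lets the first sign-on in a new log file be checked as well.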
T.R | Title | User | Personal Name | Date | Lines |
---|---|---|---|---|---|
2948.1 | another info source | ATYISB::HILL | Don't worry, we have a cunning plan! | Mon Mar 21 1994 10:52 | 3 |
| You could also try 9406::SECURITY_INFORMATION
KP 7 should work
|
2948.2 | KP7 magic enabled | PLAYER::BROWNL | They've got a cunning plan... | Mon Mar 21 1994 11:04 | 3 |
| Or MSBCS::CLIENT_SERVER
Laurie.
|
2948.3 | | QUEK::MOY | Michael Moy, DEC Rdb Engineering | Mon Mar 21 1994 15:53 | 8 |
| The right place to ask this is SQL/Services which the basenoter did.
The INVALID logging is done by SQL/Services so it makes sense that
valid logging should as well.
I don't believe that SQL on down has any of the information required
for logging.
michael
|
2948.4 | Custom Password Filter??? | ODIXIE::SILVERS | dig-it-all, we rent backhoes. | Mon Mar 21 1994 20:22 | 4 |
| Hmmmm - write your own password filter? Have it check for the
attributes associated with remote users and generate a logfile
of them??? ... Don't know if SQL/services uses the standard
VMS loginout features, but it might work...
|