Sun Management Center Change Manager 1.0 Administration Guide

Browser to User Interface

Communication between the browser and the browser user interface uses secure HTTP. Users are required to log in to the browser interface.

Identity

A user is identified by his or her UNIX user name. A server is identified by its host name.

Authentication

User identity is initially proven using standard Solaris mechanisms. Subsequent transactions use reauthentication provided by the servlet session framework. Server identity is proven through the use of a self-signed certificate.

Authorization

Authorization is performed by standard Sun Management Center mechanisms, as described in the Sun Management Center 3.0 Software User's Guide. These mechanisms offer per-user, per-operation control at the service level and per-user, per-operation, and per-target control at the agent level. Change Manager respects Sun Management Center authorization data, but does not provide a user interface mechanism to manipulate it.

Only rudimentary access control for Change Manager data is currently supported. All users who are authorized to use a Change Manager service are able to access all Change Manager data associated with that service.

Confidentiality

Secure HTTP mechanisms are used to encrypt traffic between the browser and the user interface.

Integrity

The combination of encryption and authentication prevents the traffic from being corrupted in any way that would produce a meaningful result.

Availability

Flood attacks and corruption attacks can disrupt service. Underlying Solaris authentication mechanisms might optionally implement an authentication failure lockout policy. Such a lockout policy might enable denial of service attacks.

Accountability

Logins and user-level actions are logged.