Use the following checklist to track completion of each step of the implementation process:
|
Task |
|
|---|---|
|
Determine who will administer MLS |
□ |
|
Delegate MLS administrative authority (optional) |
□ |
|
Select what to classify with a security label |
□ |
|
Define security levels |
□ |
|
Define categories (optional) |
□ |
|
Define security labels |
□ |
|
Activate security levels, categories, and security labels |
□ |
|
Assign security labels to objects |
□ |
|
Assign security labels to data sets |
□ |
|
Assign security labels to resources |
□ |
|
Assign security labels to DB2 resources |
□ |
|
Assign security labels to IP addresses |
□ |
|
Assign security labels to UNIX files and directories |
□ |
|
Assign security labels to UNIX IPC objects |
□ |
|
Assign security labels to users |
□ |
|
Establish the MLS environment |
□ |
|
Define the MLS Control Options |
□ |
|
Require security labels (optional) |
□ |
|
UNIX files and directories (optional) |
□ |
|
UNIX IPC objects (optional) |
□ |
|
Prohibit write-down (optional) |
□ |
|
Activate “controlled write-down” (optional) |
□ |
|
Activate name hiding (optional) |
□ |
|
Activate system-specific security labels (optional) |
□ |
|
Change the MODE setting |
□ |
|
Activate MLS in DORM mode |
□ |
|
Test MLS in DORM mode |
□ |
|
Activate MLS in WARN mode |
□ |
|
Test MLS in WARN mode |
□ |
|
Fine-tune MLS in WARN mode |
□ |
|
Migrate MLS to FAIL mode |
□ |
|
Deactivate MLS |
□ |
|
Monitor MLS |
□ |
|
HELP MLS command |
□ |
|
TSS WHOAMI command |
□ |
|
MLWRITE command |
□ |
|
MODIFY(STATUS(MLS)) command |
□ |
|
LIST(MLS) command |
□ |
|
Audit MLS |
□ |
|
Check authorization |
□ |
|
TSSUTIL Report Generator |
□ |
|
TSS sectrace |
□ |
|
Trace SAF requests |
□ |
|
Trace OMVS |
□ |
|
Use ISPF panels to administer MLS |
□ |
|
Use TSS commands to administer MLS |
□ |
|
Copyright © 2010 CA Technologies.
All rights reserved.
|
|