Tab navigation
- System security
- Network security
- System management
- RealSecure Server Sensor
- Applications & tools
- Access control
- Encryption
- Related documentation
System security provides the means to manage various users and groups and to implement access and privilege controls against operating system resources. AIX allows you to install, configure and deploy security mechanisms in the base operating system. It also provides a variety of authentication mechanisms to protect the system against unauthorized access.
System security
System security provides the means to manage various users and groups and to implement access controls and privilege controls against operating system resources.
Kerberos authentication
An AIX administrator can manage Kerberos-authenticated users and their associated Kerberos principals.
PKI certificate-based authentication
Certificate Authentication Service provides the AIX operating system with the ability to authenticate users using X.509 public key infrastructure (PKI) certificates and to associate certificates with processes as proof of a user's identity.
LDAP authentication
The Light Directory Access Protocol (LDAP) method is used to allow centralized security authentication as well as access to user and group information. This functionality is intended to be used as a centralized, global repository to keep authentication, user, and group information common across multiple hosts.
Pluggable authentication method (PAM) infrastructure
The pluggable authentication module (PAM) framework provides system administrators with the ability to incorporate multiple authentication mechanisms into an existing system through the use of pluggable modules. Applications enabled to make use of PAM can be plugged into new technologies without modifying the existing applications.
Enterprise Identity Mapping (EIM)
Today's network environments are made up of complex groups of systems and applications, resulting in the need to manage multiple user registries. Dealing with multiple user registries quickly grows into a large administrative problem that affects users, administrators and application developers. EIM can help.
Auditing
It is essential in a server environment that the system activities log be set up to monitor for unauthorized access. The AIX auditing subsystem enables the system administrator to record security-relevant information, which can be analyzed to detect potential and actual violations of the system security policy.
Related documentation
Strengthening AIX Security: A System-Hardening Approach
This paper provides a baseline of AIX security for system administrators and offers guiding principles to help you begin securing your system.
Configuring the AIX Security Subsystem to Use IBM's SecureWay Directory (LDAP)
This white paper provides an overview of the mksecldap command, which sets up an AIX cluster that consists of one or more servers and one or more clients that use the SecureWay Directory (LDAP) for security authentication and user and group management.
Configuring an AIX Client System for User Authentication and Management Through LDAP
This paper focuses on configuring AIX® systems as clients of directory servers, both IBM Directory servers and third party LDAP (Lightweight Directory Access Protocol) servers.
Additional AIX Security Tools on IBM eServer™ pSeries, IBM RS/6000 and SP/Cluster
This Redbook describes additional tools and techniques you can use to enhance the security of your pSeries environment.
Configuring an IBM Directory Server for User Authentication and Management in AIX
The goal of this paper is to provide details about configuring IBM Directory Server to support user authentication through LDAP.
Using LDAP for Naming Services in AIX
This white paper explains the NIS_LDAP naming service and how to configure AIX systems to use it.