Navigation: Operation and Maintenance > Security Maintenance > Management Layer Security >
Minimum Principle
ϒ⁄Install only required services and components.
ϒ⁄Distinguish server functions and roles. Do not install unnecessary services or components.
ϒ⁄Distinguish functions and roles of service's internal components. Do not install unnecessary components.
Minimum Accounts
ϒ⁄Manage accounts strictly according to account policies.
ϒ⁄Strictly control addition, modification, and deletion of accounts and groups in the system.
ϒ⁄Delete all useless accounts and groups.
Minimum Rights
ϒ⁄Assign minimum rights to system services, groups, and accounts.
ϒ⁄Control right assignment strictly in the operating system.
ϒ⁄Forbid account's access to unrequired resources.
Dedication
ϒ⁄A host must run only one type of service.
ϒ⁄Partitions where the operating system, applications, and data are located must be separated.
Audit
ϒ⁄Operations on the host must be monitored by using logs or other feasible methods.
ϒ⁄Successes and failures to access the system's important resources must be audited.
ϒ⁄Successes and failures to modify the access control policy must be audited.
Parent Topic: Management Layer Security