LJK/Security Reference Manual

Part

Part Site-Specific Customization

Chapter 7

7 Policy Modification

     7.1     Disables

         7.1.1         Using the /METHOD=QUICK qualifier

     7.2     Limits

     7.3     Exemptions

     7.4     Audit history

     7.5     Tri-valued logic

     7.6     Boolean customization techniques

     7.7     Numeric customization techniques

     7.8     Policy Performance Considerations

     7.9     SHOW POLICY/COMMAND_PROCEDURE

Chapter 8

8 Assessment Modification

     8.1     Adding and Removing Nodes from the Assessment

     8.2     Changing Policies Applied to Nodes

     8.3     Changing Request Media

     8.4     Changing Result Media

     8.5     Changing Default Methods

     8.6     Audit history

Chapter 9

9 Using Program Call Interfaces

     9.1     Master Node Invocation Entrypoints

         9.1.1         Parsing Entrypoints

             9.1.1.1             LJK$SECURITY_PARSE_DCL entry

             9.1.1.2             LJK$SECURITY_PARSE_CLI entry

             9.1.1.3             LJK$SECURITY_PARSE_FOREIGN entry

         9.1.2         Execution Entrypoint

             9.1.2.1             LJK$SECURITY_EXECUTE entry

         9.1.3         Detailed Master Node Invocation Entrypoint Descriptions

    Command 301     LJK$SECURITY_PARSE_DCL

    Command 302     LJK$SECURITY_PARSE_CLI

    Command 303     LJK$SECURITY_PARSE_FOREIGN

    Command 304     LJK$SECURITY_EXECUTE

     9.2     Master Node Report Formatting Callout Entrypoints

         9.2.1         Required Report Formatting Entrypoints

         9.2.2         Optional Report Formatting Entrypoints

             9.2.2.1             Total Entrypoints (optional)

             9.2.2.2             Unanswered Entrypoints (optional)

             9.2.2.3             Detail Entrypoints (optional)

         9.2.3         Report Formatting Parameters

         9.2.4         Building a Report Formatting Module

         9.2.5         Running a Report Formatting Module

         9.2.6         Debugging a Report Formatting Module

         9.2.7         Detailed Report Formatting Entrypoint Descriptions

    Command 305     AUTOMATIC_DETAIL

    Command 306     AUTOMATIC_TOTAL

    Command 307     COMPENSATING_CONTROL_DETAIL

    Command 308     COMPENSATING_CONTROL_TOTAL

    Command 309     COVERAGE

    Command 310     FINALIZE

    Command 311     INITIALIZE

    Command 312     INTERVIEW_DETAIL

    Command 313     INTERVIEW_TOTAL

    Command 314     INTERVIEW_UNANSWERED

    Command 315     INVASIVE_TESTING_DETAIL

    Command 316     INVASIVE_TESTING_TOTAL

    Command 317     INVASIVE_TESTING_UNANSWERED

    Command 318     MANUAL_EXAMINATION_DETAIL

    Command 319     MANUAL_EXAMINATION_TOTAL

    Command 320     MANUAL_EXAMINATION_UNANSWERED

    Command 321     NODE_DETAIL

    Command 322     NODE_TOTAL

    Command 323     POLICY_RULE_TEXT

    Command 324     POLICY_TERMS

     9.3     Tributary Node Callout Entrypoint

         9.3.1         Linking of Customer-Provided Software

         9.3.2         Distribution of Customer-Provided Software

         9.3.3         LJK$SECURITY_SITE_CHECKSUM callout

             9.3.3.1             Specialized use of the Limit

             9.3.3.2             Specialized use of Exemptions

         9.3.4         Detailed Checksum Entrypoint Description

    Command 325     LJK$SECURITY_SITE_CHECKSUM

Chapter 10

10 Using LJK/Security With Removable Media

     10.1     Reasons

     10.2     Software Installation

     10.3     Request Transmission

     10.4     Result Transmission

     10.5     Relation to Labeling

         10.5.1         No File Deletion

         10.5.2         Avoiding Premounted Media

Chapter 11

11 Tips for Special Situations

     11.1     Generating "Work Papers" for Auditors

     11.2     Tracking Usernames

         11.2.1         Tracking Username Presence

         11.2.2         Tracking Username Enabling

     11.3     Operating in a Classified Environment

         11.3.1         No DECnet

         11.3.2         Requests Must be Generated at the Lowest Security Level

         11.3.3         Results Must be Reported at the Highest Security Level

             11.3.3.1             Recommended Technique: Period Processing on the Master Node

Part
Part	Site-Specific Customization
Chapter 7
7	Policy Modification
7.1	Disables
7.1.1	Using the /METHOD=QUICK qualifier
7.2	Limits
7.3	Exemptions
7.4	Audit history
7.5	Tri-valued logic
7.6	Boolean customization techniques
7.7	Numeric customization techniques
7.8	Policy Performance Considerations
7.9	SHOW POLICY/COMMAND_PROCEDURE
Chapter 8
8	Assessment Modification
8.1	Adding and Removing Nodes from the Assessment
8.2	Changing Policies Applied to Nodes
8.3	Changing Request Media
8.4	Changing Result Media
8.5	Changing Default Methods
8.6	Audit history
Chapter 9
9	Using Program Call Interfaces
9.1	Master Node Invocation Entrypoints
9.1.1	Parsing Entrypoints
9.1.1.1	LJK$SECURITY_PARSE_DCL entry
9.1.1.2	LJK$SECURITY_PARSE_CLI entry
9.1.1.3	LJK$SECURITY_PARSE_FOREIGN entry
9.1.2	Execution Entrypoint
9.1.2.1	LJK$SECURITY_EXECUTE entry
9.1.3	Detailed Master Node Invocation Entrypoint Descriptions
Command 301	LJK$SECURITY_PARSE_DCL
Command 302	LJK$SECURITY_PARSE_CLI
Command 303	LJK$SECURITY_PARSE_FOREIGN
Command 304	LJK$SECURITY_EXECUTE
9.2	Master Node Report Formatting Callout Entrypoints
9.2.1	Required Report Formatting Entrypoints
9.2.2	Optional Report Formatting Entrypoints
9.2.2.1	Total Entrypoints (optional)
9.2.2.2	Unanswered Entrypoints (optional)
9.2.2.3	Detail Entrypoints (optional)
9.2.3	Report Formatting Parameters
9.2.4	Building a Report Formatting Module
9.2.5	Running a Report Formatting Module
9.2.6	Debugging a Report Formatting Module
9.2.7	Detailed Report Formatting Entrypoint Descriptions
Command 305	AUTOMATIC_DETAIL
Command 306	AUTOMATIC_TOTAL
Command 307	COMPENSATING_CONTROL_DETAIL
Command 308	COMPENSATING_CONTROL_TOTAL
Command 309	COVERAGE
Command 310	FINALIZE
Command 311	INITIALIZE
Command 312	INTERVIEW_DETAIL
Command 313	INTERVIEW_TOTAL
Command 314	INTERVIEW_UNANSWERED
Command 315	INVASIVE_TESTING_DETAIL
Command 316	INVASIVE_TESTING_TOTAL
Command 317	INVASIVE_TESTING_UNANSWERED
Command 318	MANUAL_EXAMINATION_DETAIL
Command 319	MANUAL_EXAMINATION_TOTAL
Command 320	MANUAL_EXAMINATION_UNANSWERED
Command 321	NODE_DETAIL
Command 322	NODE_TOTAL
Command 323	POLICY_RULE_TEXT
Command 324	POLICY_TERMS
9.3	Tributary Node Callout Entrypoint
9.3.1	Linking of Customer-Provided Software
9.3.2	Distribution of Customer-Provided Software
9.3.3	LJK$SECURITY_SITE_CHECKSUM callout
9.3.3.1	Specialized use of the Limit
9.3.3.2	Specialized use of Exemptions
9.3.4	Detailed Checksum Entrypoint Description
Command 325	LJK$SECURITY_SITE_CHECKSUM
Chapter 10
10	Using LJK/Security With Removable Media
10.1	Reasons
10.2	Software Installation
10.3	Request Transmission
10.4	Result Transmission
10.5	Relation to Labeling
10.5.1	No File Deletion
10.5.2	Avoiding Premounted Media
Chapter 11
11	Tips for Special Situations
11.1	Generating "Work Papers" for Auditors
11.2	Tracking Usernames
11.2.1	Tracking Username Presence
11.2.2	Tracking Username Enabling
11.3	Operating in a Classified Environment
11.3.1	No DECnet
11.3.2	Requests Must be Generated at the Lowest Security Level
11.3.3	Results Must be Reported at the Highest Security Level
11.3.3.1	Recommended Technique: Period Processing on the Master Node

Contents

Index