46 Securing NFS in AIX
3.1 General security concepts and terminology
This section lays a foundation for the rest of the chapter by introducing
terminology that will that will be used throughout the chapter.
3.1.1 Broad security categories
The topic of security can be very broad and far-reaching. A discussion of security
measures might include items in the following categories:
Physical security Measures taken to control physical access to a facility or
resource. Padlocks, fences, guards, and dogs are
examples of physical security measures.
Personnel security Measures taken to help ensure that the people who are
granted access to secured resources are reliable and are
not likely to compromise the security of those resources.
Security clearances and photo ID badges are examples of
personnel security measures.
Information security Measures taken to protect important information from
unauthorized disclosure, tampering, or destruction.
Passwords, encryption, and file access permissions are
examples of information security measures.
We will be talking in this chapter primarily about what we call
information
security, because NFS V4 is about sharing information. Organizations will not be
able to properly protect their information resources without also implementing
physical and personnel security measures, but we will not address those
measures in this document.
3.1.2 Information security components
In an NFS V4 context, information security falls into the following areas:
Identification Uniquely establishes the identity of information system
users, hosts, and services. Answers questions such as,
“Who are the users or hosts that are trying to access
shared data on my server?”
Authentication Confirms the identity of a system user, host, or service.
Answers questions such as, “Is this user really who he or
she claims to be?”
Chapter 3. Enhanced security in NFS V4 47
Authorization Controls what shared information each system user or
other entity can access. Answers questions such as,
“Does this user have the right to access a shared data
object on my server?
3.1.3 RPC security flavors
NFS V4 uses Sun’s Remote Procedure Call (RPC) protocol to communicate over
the network between the client and the server. The IBM implementation enables
you to use three different RPC security flavors:
򐂰 Basic UNIX security (AUTH_SYS, aka AUTH_UNIX)
򐂰 Diffie-Hellman security (AUTH_DH, aka AUTH_DES)
򐂰 RPCSEC_GSS security as defined in RFC2203
3.1.4 RPCSEC_GSS protection levels
When using RPCSEC_GSS security with RPCs, there are three levels of
protection that can be applied to the RPCs as they are transmitted over the
network between server and client:
Authentication Validates the identity of RPC sender
Integrity Validates that the contents of the RPC were not changed
during transmission (also includes authentication)
Privacy Prevents unauthorized viewing of data while it is in transit
between client and server (also includes authentication
and integrity)
Keep in mind that each increasing level of protection comes with a performance
penalty. Choose the minimum level that meets your data protection requirements.
3.1.5 RPCSEC_GSS protection mechanisms
The NFS V4 standard (RFC 3530) requires that NFS implementations support
three different RPCSEC_GSS mechanisms:
򐂰 Kerberos V5 (RFC1964)
򐂰 SPKM-3/LIPKEY (RFC2847)
򐂰 SPKM-3 on its own (RFC2847/RFC2025), for situations where the initiator
(the client) is anonymous or has its own certificate.
In AIX 5.3, IBM has implemented Kerberos V5, but not SPKM/LIPKEY at this
point in time.

Get Securing NFS in AIX An Introduction to NFS v4 in AIX 5L Version 5.3 now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.