SlideShare a Scribd company logo

VistA GT.M & Linux Security 062506

C
ckuyehar
BusinessTechnology
1 of 12
GT.M/Linux Robustness, Security, & Continuity of Business for VistA K.S. Bhaskar Fidelity Information Services, Inc. ks.bhaskar@fnf.com +1 (610) 578-4265
Objectives • Correct information and usable functionality is available for those who need it, when they need it – Within limits of the design and implementation • Not available otherwise 2
Layers • VistA – separate topic, covered by Dave Whitten • MUMPS [GT.M] • Operating System [GNU/Linux] 3
GT.M Security • Daemonless architecture – Processes run with normal user ids – Processes can access database files if they have access permissions granted by the operating system – Enable / control using file ownership & permissions; user & group ids • Use Access Control Lists (ACLs) or SE Linux for finer grained control • Published security model – read it, understand it, use it 4
GT.M Database and Routine Access Routine Routine $ZROutines $ZGbldir Process Process global directory shared memory control structures database journal file file 5
GT.M Security – ASP Routine Routine $ZROutines $ZGbldir shared memory control structures global directory Process Process database file journal shared memory file database journal control structures file file 6
Robustness • Journaling – Use before image journaling in production – Consider journaling even for development environments • NOBEFORE may suffice, unless replicated • Backup early, backup often • Integrity – Trust but verify 7
Logical multi-site operation Secondary Primary ... Tertiary 1 primary Secondary ... 16 secondaries Tertiary 256 tertiaries 4096 quarternaries 8
Linux security • Use Linux security! – Each user has own user id – Each group has own group id – ssh, xinetd, stunnel, etc. – build on standard security models and tools that the Internet infrastructure is built on 9
Encryption • Use the loop-aes file system – Databases – Journal files – Swap files • Remember to encrypt back-ups (e.g., with mcrypt) – Unencrypted backups are perhaps the most overlooked serious vulnerability • You can't stop the National Security Agency from getting your patient data if they want to, but you can make it hard for them 10
What gives? • The weakest link – If humans and strong passwords are your weakest link, you have done a good job of security – Absolute security does not exist – you just want to make it not a worthwhile investment of time and effort 11
Thank you K.S. Bhaskar ks.bhaskar@fnf.com +1 (610) 578-4265 12

Recommended

Caspa Preservabl Infrastructure Luigi Briguglio
Caspa Preservabl Infrastructure Luigi BriguglioCaspa Preservabl Infrastructure Luigi Briguglio
Caspa Preservabl Infrastructure Luigi BriguglioDigitalPreservationEurope
 
Qsan unified storage (nas + san)
Qsan unified storage (nas + san)Qsan unified storage (nas + san)
Qsan unified storage (nas + san)qsantechnology
 
Rob Tweed :: Ajax and the Impact on Caché and Similar Technologies
Rob Tweed :: Ajax and the Impact on Caché and Similar TechnologiesRob Tweed :: Ajax and the Impact on Caché and Similar Technologies
Rob Tweed :: Ajax and the Impact on Caché and Similar Technologiesgeorge.james
 
NoSQL Technology
NoSQL TechnologyNoSQL Technology
NoSQL TechnologyFachry Bafadal
 
GT.M: A Tried and Tested Open-Source NoSQL Database
GT.M: A Tried and Tested Open-Source NoSQL DatabaseGT.M: A Tried and Tested Open-Source NoSQL Database
GT.M: A Tried and Tested Open-Source NoSQL DatabaseRob Tweed
 
Mem forensic
Mem forensicMem forensic
Mem forensicChong-Kuan Chen
 
Introduction to GlusterFS Webinar - September 2011
Introduction to GlusterFS Webinar - September 2011Introduction to GlusterFS Webinar - September 2011
Introduction to GlusterFS Webinar - September 2011GlusterFS
 
Gluster Webinar: Introduction to GlusterFS v3.3
Gluster Webinar: Introduction to GlusterFS v3.3Gluster Webinar: Introduction to GlusterFS v3.3
Gluster Webinar: Introduction to GlusterFS v3.3GlusterFS
 

Recommended

Caspa Preservabl Infrastructure Luigi Briguglio
Caspa Preservabl Infrastructure Luigi BriguglioCaspa Preservabl Infrastructure Luigi Briguglio
Caspa Preservabl Infrastructure Luigi BriguglioDigitalPreservationEurope
 
Qsan unified storage (nas + san)
Qsan unified storage (nas + san)Qsan unified storage (nas + san)
Qsan unified storage (nas + san)qsantechnology
 
Rob Tweed :: Ajax and the Impact on Caché and Similar Technologies
Rob Tweed :: Ajax and the Impact on Caché and Similar TechnologiesRob Tweed :: Ajax and the Impact on Caché and Similar Technologies
Rob Tweed :: Ajax and the Impact on Caché and Similar Technologiesgeorge.james
 
NoSQL Technology
NoSQL TechnologyNoSQL Technology
NoSQL TechnologyFachry Bafadal
 
GT.M: A Tried and Tested Open-Source NoSQL Database
GT.M: A Tried and Tested Open-Source NoSQL DatabaseGT.M: A Tried and Tested Open-Source NoSQL Database
GT.M: A Tried and Tested Open-Source NoSQL DatabaseRob Tweed
 
Mem forensic
Mem forensicMem forensic
Mem forensicChong-Kuan Chen
 
Introduction to GlusterFS Webinar - September 2011
Introduction to GlusterFS Webinar - September 2011Introduction to GlusterFS Webinar - September 2011
Introduction to GlusterFS Webinar - September 2011GlusterFS
 
Gluster Webinar: Introduction to GlusterFS v3.3
Gluster Webinar: Introduction to GlusterFS v3.3Gluster Webinar: Introduction to GlusterFS v3.3
Gluster Webinar: Introduction to GlusterFS v3.3GlusterFS
 
DefCon 2012 - Anti-Forensics and Anti-Anti-Forensics
DefCon 2012 - Anti-Forensics and Anti-Anti-ForensicsDefCon 2012 - Anti-Forensics and Anti-Anti-Forensics
DefCon 2012 - Anti-Forensics and Anti-Anti-ForensicsMichael Smith
 
Novell File Management Suite Use Cases
Novell File Management Suite Use CasesNovell File Management Suite Use Cases
Novell File Management Suite Use CasesNovell
 
Novell File Management Suite Use Cases
Novell File Management Suite Use CasesNovell File Management Suite Use Cases
Novell File Management Suite Use CasesNovell
 
Gluster Webinar: Introduction to GlusterFS
Gluster Webinar: Introduction to GlusterFSGluster Webinar: Introduction to GlusterFS
Gluster Webinar: Introduction to GlusterFSGlusterFS
 
Novell Storage Manager: Your Secret Weapon for Simplified File and User Manag...
Novell Storage Manager: Your Secret Weapon for Simplified File and User Manag...Novell Storage Manager: Your Secret Weapon for Simplified File and User Manag...
Novell Storage Manager: Your Secret Weapon for Simplified File and User Manag...Novell
 
Novell File Management Suite: Intelligently Manage File Storage for Maximum B...
Novell File Management Suite: Intelligently Manage File Storage for Maximum B...Novell File Management Suite: Intelligently Manage File Storage for Maximum B...
Novell File Management Suite: Intelligently Manage File Storage for Maximum B...Novell
 
Red Hat Storage - Introduction to GlusterFS
Red Hat Storage - Introduction to GlusterFSRed Hat Storage - Introduction to GlusterFS
Red Hat Storage - Introduction to GlusterFSGlusterFS
 
Panzura & Scality - Cloud Storage made seamless - Cloud Expo New York City 2012
Panzura & Scality - Cloud Storage made seamless - Cloud Expo New York City 2012Panzura & Scality - Cloud Storage made seamless - Cloud Expo New York City 2012
Panzura & Scality - Cloud Storage made seamless - Cloud Expo New York City 2012Marc Villemade
 
How to build an admin guy
How to build an admin guyHow to build an admin guy
How to build an admin guyMohamed Aboul-Fotouh
 
Windows 7 Architecture
Windows 7 ArchitectureWindows 7 Architecture
Windows 7 ArchitectureDaniyal Khan
 
ModeShape 3 overview
ModeShape 3 overviewModeShape 3 overview
ModeShape 3 overviewRandall Hauch
 
Intro to GlusterFS Webinar - August 2011
Intro to GlusterFS Webinar - August 2011Intro to GlusterFS Webinar - August 2011
Intro to GlusterFS Webinar - August 2011GlusterFS
 
Firebird database recovery and protection for enterprises and ISV
Firebird database recovery and protection for enterprises and ISVFirebird database recovery and protection for enterprises and ISV
Firebird database recovery and protection for enterprises and ISVMind The Firebird
 
You suck at Memory Analysis
You suck at Memory AnalysisYou suck at Memory Analysis
You suck at Memory AnalysisFrancisco Ribeiro
 
Key-value databases in practice Redis @ DotNetToscana
Key-value databases in practice Redis @ DotNetToscanaKey-value databases in practice Redis @ DotNetToscana
Key-value databases in practice Redis @ DotNetToscanaMatteo Baglini
 
Databases
DatabasesDatabases
Databasesguestf77c65c
 
Novell File Management Suite for Microsoft Active Directory Environments
Novell File Management Suite for Microsoft Active Directory EnvironmentsNovell File Management Suite for Microsoft Active Directory Environments
Novell File Management Suite for Microsoft Active Directory EnvironmentsNovell
 
Hard Disk Encryptions
Hard Disk EncryptionsHard Disk Encryptions
Hard Disk Encryptionsn|u - The Open Security Community
 
App cap2956v2-121001194956-phpapp01 (1)
App cap2956v2-121001194956-phpapp01 (1)App cap2956v2-121001194956-phpapp01 (1)
App cap2956v2-121001194956-phpapp01 (1)outstanding59
 
Inside the Hadoop Machine @ VMworld
Inside the Hadoop Machine @ VMworldInside the Hadoop Machine @ VMworld
Inside the Hadoop Machine @ VMworldRichard McDougall
 
Iehr ciif sdk-slides-draft-h
Iehr ciif sdk-slides-draft-hIehr ciif sdk-slides-draft-h
Iehr ciif sdk-slides-draft-hckuyehar
 
American Recovery and Reinvestment Act of 2009 HIT
American Recovery and Reinvestment Act of 2009 HITAmerican Recovery and Reinvestment Act of 2009 HIT
American Recovery and Reinvestment Act of 2009 HITckuyehar
 

More Related Content

Similar to VistA GT.M & Linux Security 062506

DefCon 2012 - Anti-Forensics and Anti-Anti-Forensics
DefCon 2012 - Anti-Forensics and Anti-Anti-ForensicsDefCon 2012 - Anti-Forensics and Anti-Anti-Forensics
DefCon 2012 - Anti-Forensics and Anti-Anti-ForensicsMichael Smith
 
Novell File Management Suite Use Cases
Novell File Management Suite Use CasesNovell File Management Suite Use Cases
Novell File Management Suite Use CasesNovell
 
Novell File Management Suite Use Cases
Novell File Management Suite Use CasesNovell File Management Suite Use Cases
Novell File Management Suite Use CasesNovell
 
Gluster Webinar: Introduction to GlusterFS
Gluster Webinar: Introduction to GlusterFSGluster Webinar: Introduction to GlusterFS
Gluster Webinar: Introduction to GlusterFSGlusterFS
 
Novell Storage Manager: Your Secret Weapon for Simplified File and User Manag...
Novell Storage Manager: Your Secret Weapon for Simplified File and User Manag...Novell Storage Manager: Your Secret Weapon for Simplified File and User Manag...
Novell Storage Manager: Your Secret Weapon for Simplified File and User Manag...Novell
 
Novell File Management Suite: Intelligently Manage File Storage for Maximum B...
Novell File Management Suite: Intelligently Manage File Storage for Maximum B...Novell File Management Suite: Intelligently Manage File Storage for Maximum B...
Novell File Management Suite: Intelligently Manage File Storage for Maximum B...Novell
 
Red Hat Storage - Introduction to GlusterFS
Red Hat Storage - Introduction to GlusterFSRed Hat Storage - Introduction to GlusterFS
Red Hat Storage - Introduction to GlusterFSGlusterFS
 
Panzura & Scality - Cloud Storage made seamless - Cloud Expo New York City 2012
Panzura & Scality - Cloud Storage made seamless - Cloud Expo New York City 2012Panzura & Scality - Cloud Storage made seamless - Cloud Expo New York City 2012
Panzura & Scality - Cloud Storage made seamless - Cloud Expo New York City 2012Marc Villemade
 
Windows 7 Architecture
Windows 7 ArchitectureWindows 7 Architecture
Windows 7 ArchitectureDaniyal Khan
 
ModeShape 3 overview
ModeShape 3 overviewModeShape 3 overview
ModeShape 3 overviewRandall Hauch
 
Intro to GlusterFS Webinar - August 2011
Intro to GlusterFS Webinar - August 2011Intro to GlusterFS Webinar - August 2011
Intro to GlusterFS Webinar - August 2011GlusterFS
 
Firebird database recovery and protection for enterprises and ISV
Firebird database recovery and protection for enterprises and ISVFirebird database recovery and protection for enterprises and ISV
Firebird database recovery and protection for enterprises and ISVMind The Firebird
 
Key-value databases in practice Redis @ DotNetToscana
Key-value databases in practice Redis @ DotNetToscanaKey-value databases in practice Redis @ DotNetToscana
Key-value databases in practice Redis @ DotNetToscanaMatteo Baglini
 
Novell File Management Suite for Microsoft Active Directory Environments
Novell File Management Suite for Microsoft Active Directory EnvironmentsNovell File Management Suite for Microsoft Active Directory Environments
Novell File Management Suite for Microsoft Active Directory EnvironmentsNovell
 
App cap2956v2-121001194956-phpapp01 (1)
App cap2956v2-121001194956-phpapp01 (1)App cap2956v2-121001194956-phpapp01 (1)
App cap2956v2-121001194956-phpapp01 (1)outstanding59
 
Inside the Hadoop Machine @ VMworld
Inside the Hadoop Machine @ VMworldInside the Hadoop Machine @ VMworld
Inside the Hadoop Machine @ VMworldRichard McDougall
 

Similar to VistA GT.M & Linux Security 062506 (20)

DefCon 2012 - Anti-Forensics and Anti-Anti-Forensics
DefCon 2012 - Anti-Forensics and Anti-Anti-ForensicsDefCon 2012 - Anti-Forensics and Anti-Anti-Forensics
DefCon 2012 - Anti-Forensics and Anti-Anti-Forensics
 
Novell File Management Suite Use Cases
Novell File Management Suite Use CasesNovell File Management Suite Use Cases
Novell File Management Suite Use Cases
 
Novell File Management Suite Use Cases
Novell File Management Suite Use CasesNovell File Management Suite Use Cases
Novell File Management Suite Use Cases
 
Gluster Webinar: Introduction to GlusterFS
Gluster Webinar: Introduction to GlusterFSGluster Webinar: Introduction to GlusterFS
Gluster Webinar: Introduction to GlusterFS
 
Novell Storage Manager: Your Secret Weapon for Simplified File and User Manag...
Novell Storage Manager: Your Secret Weapon for Simplified File and User Manag...Novell Storage Manager: Your Secret Weapon for Simplified File and User Manag...
Novell Storage Manager: Your Secret Weapon for Simplified File and User Manag...
 
Novell File Management Suite: Intelligently Manage File Storage for Maximum B...
Novell File Management Suite: Intelligently Manage File Storage for Maximum B...Novell File Management Suite: Intelligently Manage File Storage for Maximum B...
Novell File Management Suite: Intelligently Manage File Storage for Maximum B...
 
Red Hat Storage - Introduction to GlusterFS
Red Hat Storage - Introduction to GlusterFSRed Hat Storage - Introduction to GlusterFS
Red Hat Storage - Introduction to GlusterFS
 
Panzura & Scality - Cloud Storage made seamless - Cloud Expo New York City 2012
Panzura & Scality - Cloud Storage made seamless - Cloud Expo New York City 2012Panzura & Scality - Cloud Storage made seamless - Cloud Expo New York City 2012
Panzura & Scality - Cloud Storage made seamless - Cloud Expo New York City 2012
 
How to build an admin guy
How to build an admin guyHow to build an admin guy
How to build an admin guy
 
Windows 7 Architecture
Windows 7 ArchitectureWindows 7 Architecture
Windows 7 Architecture
 
ModeShape 3 overview
ModeShape 3 overviewModeShape 3 overview
ModeShape 3 overview
 
Intro to GlusterFS Webinar - August 2011
Intro to GlusterFS Webinar - August 2011Intro to GlusterFS Webinar - August 2011
Intro to GlusterFS Webinar - August 2011
 
Firebird database recovery and protection for enterprises and ISV
Firebird database recovery and protection for enterprises and ISVFirebird database recovery and protection for enterprises and ISV
Firebird database recovery and protection for enterprises and ISV
 
You suck at Memory Analysis
You suck at Memory AnalysisYou suck at Memory Analysis
You suck at Memory Analysis
 
Key-value databases in practice Redis @ DotNetToscana
Key-value databases in practice Redis @ DotNetToscanaKey-value databases in practice Redis @ DotNetToscana
Key-value databases in practice Redis @ DotNetToscana
 
Databases
DatabasesDatabases
Databases
 
Novell File Management Suite for Microsoft Active Directory Environments
Novell File Management Suite for Microsoft Active Directory EnvironmentsNovell File Management Suite for Microsoft Active Directory Environments
Novell File Management Suite for Microsoft Active Directory Environments
 
Hard Disk Encryptions
Hard Disk EncryptionsHard Disk Encryptions
Hard Disk Encryptions
 
App cap2956v2-121001194956-phpapp01 (1)
App cap2956v2-121001194956-phpapp01 (1)App cap2956v2-121001194956-phpapp01 (1)
App cap2956v2-121001194956-phpapp01 (1)
 
Inside the Hadoop Machine @ VMworld
Inside the Hadoop Machine @ VMworldInside the Hadoop Machine @ VMworld
Inside the Hadoop Machine @ VMworld
 

More from ckuyehar

Iehr ciif sdk-slides-draft-h
Iehr ciif sdk-slides-draft-hIehr ciif sdk-slides-draft-h
Iehr ciif sdk-slides-draft-hckuyehar
 
American Recovery and Reinvestment Act of 2009 HIT
American Recovery and Reinvestment Act of 2009 HITAmerican Recovery and Reinvestment Act of 2009 HIT
American Recovery and Reinvestment Act of 2009 HITckuyehar
 
The Rise and Fall and Rise of Standard MUMPS
The Rise and Fall and Rise of Standard MUMPSThe Rise and Fall and Rise of Standard MUMPS
The Rise and Fall and Rise of Standard MUMPSckuyehar
 
Clinica PECS2
Clinica PECS2Clinica PECS2
Clinica PECS2ckuyehar
 
RPMS EHR WorldVistA 061607
RPMS EHR WorldVistA 061607RPMS EHR WorldVistA 061607
RPMS EHR WorldVistA 061607ckuyehar
 
Vista For Research
Vista For ResearchVista For Research
Vista For Researchckuyehar
 
Mexico Pittsburgh Ece Introduction
Mexico Pittsburgh Ece IntroductionMexico Pittsburgh Ece Introduction
Mexico Pittsburgh Ece Introductionckuyehar
 
FQHC Orientation
FQHC OrientationFQHC Orientation
FQHC Orientationckuyehar
 
Chart Book 2006
Chart Book 2006Chart Book 2006
Chart Book 2006ckuyehar
 
WorldVistA 061607
WorldVistA 061607WorldVistA 061607
WorldVistA 061607ckuyehar
 
WorldVistA by K.S. Bhaskar
WorldVistA by K.S. BhaskarWorldVistA by K.S. Bhaskar
WorldVistA by K.S. Bhaskarckuyehar
 
FDA Presentation 07/17/07
FDA Presentation 07/17/07FDA Presentation 07/17/07
FDA Presentation 07/17/07ckuyehar
 
Landis - System Administration
Landis - System AdministrationLandis - System Administration
Landis - System Administrationckuyehar
 
Landis - Mumps
Landis - MumpsLandis - Mumps
Landis - Mumpsckuyehar
 
FileMan Training Part 3
FileMan Training Part 3FileMan Training Part 3
FileMan Training Part 3ckuyehar
 
FileMan Training Part 1
FileMan Training Part 1FileMan Training Part 1
FileMan Training Part 1ckuyehar
 
FileMan Training Part 2
FileMan Training Part 2FileMan Training Part 2
FileMan Training Part 2ckuyehar
 
WorldVistA Business Plan Overview
WorldVistA Business Plan OverviewWorldVistA Business Plan Overview
WorldVistA Business Plan Overviewckuyehar
 
WorldVistA Business Plan
WorldVistA Business PlanWorldVistA Business Plan
WorldVistA Business Planckuyehar
 

More from ckuyehar (20)

Iehr ciif sdk-slides-draft-h
Iehr ciif sdk-slides-draft-hIehr ciif sdk-slides-draft-h
Iehr ciif sdk-slides-draft-h
 
American Recovery and Reinvestment Act of 2009 HIT
American Recovery and Reinvestment Act of 2009 HITAmerican Recovery and Reinvestment Act of 2009 HIT
American Recovery and Reinvestment Act of 2009 HIT
 
The Rise and Fall and Rise of Standard MUMPS
The Rise and Fall and Rise of Standard MUMPSThe Rise and Fall and Rise of Standard MUMPS
The Rise and Fall and Rise of Standard MUMPS
 
Clinica PECS2
Clinica PECS2Clinica PECS2
Clinica PECS2
 
RPMS EHR WorldVistA 061607
RPMS EHR WorldVistA 061607RPMS EHR WorldVistA 061607
RPMS EHR WorldVistA 061607
 
Vista For Research
Vista For ResearchVista For Research
Vista For Research
 
Mexico Pittsburgh Ece Introduction
Mexico Pittsburgh Ece IntroductionMexico Pittsburgh Ece Introduction
Mexico Pittsburgh Ece Introduction
 
Iahit
IahitIahit
Iahit
 
FQHC Orientation
FQHC OrientationFQHC Orientation
FQHC Orientation
 
Chart Book 2006
Chart Book 2006Chart Book 2006
Chart Book 2006
 
WorldVistA 061607
WorldVistA 061607WorldVistA 061607
WorldVistA 061607
 
WorldVistA by K.S. Bhaskar
WorldVistA by K.S. BhaskarWorldVistA by K.S. Bhaskar
WorldVistA by K.S. Bhaskar
 
FDA Presentation 07/17/07
FDA Presentation 07/17/07FDA Presentation 07/17/07
FDA Presentation 07/17/07
 
Landis - System Administration
Landis - System AdministrationLandis - System Administration
Landis - System Administration
 
Landis - Mumps
Landis - MumpsLandis - Mumps
Landis - Mumps
 
FileMan Training Part 3
FileMan Training Part 3FileMan Training Part 3
FileMan Training Part 3
 
FileMan Training Part 1
FileMan Training Part 1FileMan Training Part 1
FileMan Training Part 1
 
FileMan Training Part 2
FileMan Training Part 2FileMan Training Part 2
FileMan Training Part 2
 
WorldVistA Business Plan Overview
WorldVistA Business Plan OverviewWorldVistA Business Plan Overview
WorldVistA Business Plan Overview
 
WorldVistA Business Plan
WorldVistA Business PlanWorldVistA Business Plan
WorldVistA Business Plan
 

Recently uploaded

Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...lizamodels9
 
MONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRL
MONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRLMONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRL
MONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRLSeo
 
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...Aggregage
 
A DAY IN THE LIFE OF A SALESMAN / WOMAN
A DAY IN THE LIFE OF A SALESMAN / WOMANA DAY IN THE LIFE OF A SALESMAN / WOMAN
A DAY IN THE LIFE OF A SALESMAN / WOMANIlamathiKannappan
 
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...amitlee9823
 
Business Model Canvas (BMC)- A new venture concept
Business Model Canvas (BMC)- A new venture conceptBusiness Model Canvas (BMC)- A new venture concept
Business Model Canvas (BMC)- A new venture conceptP&CO
 
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756dollysharma2066
 
Monthly Social Media Update April 2024 pptx.pptx
Monthly Social Media Update April 2024 pptx.pptxMonthly Social Media Update April 2024 pptx.pptx
Monthly Social Media Update April 2024 pptx.pptxAndy Lambert
 
How to Get Started in Social Media for Art League City
How to Get Started in Social Media for Art League CityHow to Get Started in Social Media for Art League City
How to Get Started in Social Media for Art League CityEric T. Tung
 
Call Girls From Pari Chowk Greater Noida ❤️8448577510 ⊹Best Escorts Service I...
Call Girls From Pari Chowk Greater Noida ❤️8448577510 ⊹Best Escorts Service I...Call Girls From Pari Chowk Greater Noida ❤️8448577510 ⊹Best Escorts Service I...
Call Girls From Pari Chowk Greater Noida ❤️8448577510 ⊹Best Escorts Service I...lizamodels9
 
Uneak White's Personal Brand Exploration Presentation
Uneak White's Personal Brand Exploration PresentationUneak White's Personal Brand Exploration Presentation
Uneak White's Personal Brand Exploration Presentationuneakwhite
 
Call Girls Kengeri Satellite Town Just Call 👗 7737669865 👗 Top Class Call Gir...
Call Girls Kengeri Satellite Town Just Call 👗 7737669865 👗 Top Class Call Gir...Call Girls Kengeri Satellite Town Just Call 👗 7737669865 👗 Top Class Call Gir...
Call Girls Kengeri Satellite Town Just Call 👗 7737669865 👗 Top Class Call Gir...amitlee9823
 
Call Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine ServiceCall Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine Serviceritikaroy0888
 
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service BangaloreCall Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangaloreamitlee9823
 
Ensure the security of your HCL environment by applying the Zero Trust princi...
Ensure the security of your HCL environment by applying the Zero Trust princi...Ensure the security of your HCL environment by applying the Zero Trust princi...
Ensure the security of your HCL environment by applying the Zero Trust princi...Roland Driesen
 
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...amitlee9823
 
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service AvailableCall Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service AvailableSeo
 
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...rajveerescorts2022
 

Recently uploaded (20)

Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
 
Forklift Operations: Safety through Cartoons
Forklift Operations: Safety through CartoonsForklift Operations: Safety through Cartoons
Forklift Operations: Safety through Cartoons
 
MONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRL
MONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRLMONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRL
MONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRL
 
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
The Path to Product Excellence: Avoiding Common Pitfalls and Enhancing Commun...
 
A DAY IN THE LIFE OF A SALESMAN / WOMAN
A DAY IN THE LIFE OF A SALESMAN / WOMANA DAY IN THE LIFE OF A SALESMAN / WOMAN
A DAY IN THE LIFE OF A SALESMAN / WOMAN
 
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
 
Business Model Canvas (BMC)- A new venture concept
Business Model Canvas (BMC)- A new venture conceptBusiness Model Canvas (BMC)- A new venture concept
Business Model Canvas (BMC)- A new venture concept
 
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
 
Monthly Social Media Update April 2024 pptx.pptx
Monthly Social Media Update April 2024 pptx.pptxMonthly Social Media Update April 2024 pptx.pptx
Monthly Social Media Update April 2024 pptx.pptx
 
How to Get Started in Social Media for Art League City
How to Get Started in Social Media for Art League CityHow to Get Started in Social Media for Art League City
How to Get Started in Social Media for Art League City
 
Call Girls From Pari Chowk Greater Noida ❤️8448577510 ⊹Best Escorts Service I...
Call Girls From Pari Chowk Greater Noida ❤️8448577510 ⊹Best Escorts Service I...Call Girls From Pari Chowk Greater Noida ❤️8448577510 ⊹Best Escorts Service I...
Call Girls From Pari Chowk Greater Noida ❤️8448577510 ⊹Best Escorts Service I...
 
Uneak White's Personal Brand Exploration Presentation
Uneak White's Personal Brand Exploration PresentationUneak White's Personal Brand Exploration Presentation
Uneak White's Personal Brand Exploration Presentation
 
Call Girls Kengeri Satellite Town Just Call 👗 7737669865 👗 Top Class Call Gir...
Call Girls Kengeri Satellite Town Just Call 👗 7737669865 👗 Top Class Call Gir...Call Girls Kengeri Satellite Town Just Call 👗 7737669865 👗 Top Class Call Gir...
Call Girls Kengeri Satellite Town Just Call 👗 7737669865 👗 Top Class Call Gir...
 
Call Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine ServiceCall Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine Service
 
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service BangaloreCall Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
 
Ensure the security of your HCL environment by applying the Zero Trust princi...
Ensure the security of your HCL environment by applying the Zero Trust princi...Ensure the security of your HCL environment by applying the Zero Trust princi...
Ensure the security of your HCL environment by applying the Zero Trust princi...
 
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
Call Girls Electronic City Just Call 👗 7737669865 👗 Top Class Call Girl Servi...
 
Falcon Invoice Discounting platform in india
Falcon Invoice Discounting platform in indiaFalcon Invoice Discounting platform in india
Falcon Invoice Discounting platform in india
 
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service AvailableCall Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
Call Girls Ludhiana Just Call 98765-12871 Top Class Call Girl Service Available
 
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...
 

VistA GT.M & Linux Security 062506

  • 1. GT.M/Linux Robustness, Security, & Continuity of Business for VistA K.S. Bhaskar Fidelity Information Services, Inc. ks.bhaskar@fnf.com +1 (610) 578-4265
  • 2. Objectives • Correct information and usable functionality is available for those who need it, when they need it – Within limits of the design and implementation • Not available otherwise 2
  • 3. Layers • VistA – separate topic, covered by Dave Whitten • MUMPS [GT.M] • Operating System [GNU/Linux] 3
  • 4. GT.M Security • Daemonless architecture – Processes run with normal user ids – Processes can access database files if they have access permissions granted by the operating system – Enable / control using file ownership & permissions; user & group ids • Use Access Control Lists (ACLs) or SE Linux for finer grained control • Published security model – read it, understand it, use it 4
  • 5. GT.M Database and Routine Access Routine Routine $ZROutines $ZGbldir Process Process global directory shared memory control structures database journal file file 5
  • 6. GT.M Security – ASP Routine Routine $ZROutines $ZGbldir shared memory control structures global directory Process Process database file journal shared memory file database journal control structures file file 6
  • 7. Robustness • Journaling – Use before image journaling in production – Consider journaling even for development environments • NOBEFORE may suffice, unless replicated • Backup early, backup often • Integrity – Trust but verify 7
  • 8. Logical multi-site operation Secondary Primary ... Tertiary 1 primary Secondary ... 16 secondaries Tertiary 256 tertiaries 4096 quarternaries 8
  • 9. Linux security • Use Linux security! – Each user has own user id – Each group has own group id – ssh, xinetd, stunnel, etc. – build on standard security models and tools that the Internet infrastructure is built on 9
  • 10. Encryption • Use the loop-aes file system – Databases – Journal files – Swap files • Remember to encrypt back-ups (e.g., with mcrypt) – Unencrypted backups are perhaps the most overlooked serious vulnerability • You can't stop the National Security Agency from getting your patient data if they want to, but you can make it hard for them 10
  • 11. What gives? • The weakest link – If humans and strong passwords are your weakest link, you have done a good job of security – Absolute security does not exist – you just want to make it not a worthwhile investment of time and effort 11
  • 12. Thank you K.S. Bhaskar ks.bhaskar@fnf.com +1 (610) 578-4265 12