SlideShare a Scribd company logo

VistA GT.M & Linux Security 062506

C
ckuyehar
BusinessTechnology
1 of 12
GT.M/Linux Robustness, Security, & Continuity of Business for VistA K.S. Bhaskar Fidelity Information Services, Inc. ks.bhaskar@fnf.com +1 (610) 578-4265
Objectives • Correct information and usable functionality is available for those who need it, when they need it – Within limits of the design and implementation • Not available otherwise 2
Layers • VistA – separate topic, covered by Dave Whitten • MUMPS [GT.M] • Operating System [GNU/Linux] 3
GT.M Security • Daemonless architecture – Processes run with normal user ids – Processes can access database files if they have access permissions granted by the operating system – Enable / control using file ownership & permissions; user & group ids • Use Access Control Lists (ACLs) or SE Linux for finer grained control • Published security model – read it, understand it, use it 4
GT.M Database and Routine Access Routine Routine $ZROutines $ZGbldir Process Process global directory shared memory control structures database journal file file 5
GT.M Security – ASP Routine Routine $ZROutines $ZGbldir shared memory control structures global directory Process Process database file journal shared memory file database journal control structures file file 6
Robustness • Journaling – Use before image journaling in production – Consider journaling even for development environments • NOBEFORE may suffice, unless replicated • Backup early, backup often • Integrity – Trust but verify 7
Logical multi-site operation Secondary Primary ... Tertiary 1 primary Secondary ... 16 secondaries Tertiary 256 tertiaries 4096 quarternaries 8
Linux security • Use Linux security! – Each user has own user id – Each group has own group id – ssh, xinetd, stunnel, etc. – build on standard security models and tools that the Internet infrastructure is built on 9
Encryption • Use the loop-aes file system – Databases – Journal files – Swap files • Remember to encrypt back-ups (e.g., with mcrypt) – Unencrypted backups are perhaps the most overlooked serious vulnerability • You can't stop the National Security Agency from getting your patient data if they want to, but you can make it hard for them 10
What gives? • The weakest link – If humans and strong passwords are your weakest link, you have done a good job of security – Absolute security does not exist – you just want to make it not a worthwhile investment of time and effort 11
Thank you K.S. Bhaskar ks.bhaskar@fnf.com +1 (610) 578-4265 12

Recommended

Caspa Preservabl Infrastructure Luigi Briguglio
Caspa Preservabl Infrastructure Luigi BriguglioCaspa Preservabl Infrastructure Luigi Briguglio
Caspa Preservabl Infrastructure Luigi BriguglioDigitalPreservationEurope
 
Qsan unified storage (nas + san)
Qsan unified storage (nas + san)Qsan unified storage (nas + san)
Qsan unified storage (nas + san)qsantechnology
 
Rob Tweed :: Ajax and the Impact on Caché and Similar Technologies
Rob Tweed :: Ajax and the Impact on Caché and Similar TechnologiesRob Tweed :: Ajax and the Impact on Caché and Similar Technologies
Rob Tweed :: Ajax and the Impact on Caché and Similar Technologiesgeorge.james
 
NoSQL Technology
NoSQL TechnologyNoSQL Technology
NoSQL TechnologyFachry Bafadal
 
GT.M: A Tried and Tested Open-Source NoSQL Database
GT.M: A Tried and Tested Open-Source NoSQL DatabaseGT.M: A Tried and Tested Open-Source NoSQL Database
GT.M: A Tried and Tested Open-Source NoSQL DatabaseRob Tweed
 
Mem forensic
Mem forensicMem forensic
Mem forensicChong-Kuan Chen
 
Introduction to GlusterFS Webinar - September 2011
Introduction to GlusterFS Webinar - September 2011Introduction to GlusterFS Webinar - September 2011
Introduction to GlusterFS Webinar - September 2011GlusterFS
 
Gluster Webinar: Introduction to GlusterFS v3.3
Gluster Webinar: Introduction to GlusterFS v3.3Gluster Webinar: Introduction to GlusterFS v3.3
Gluster Webinar: Introduction to GlusterFS v3.3GlusterFS
 

Recommended

Caspa Preservabl Infrastructure Luigi Briguglio
Caspa Preservabl Infrastructure Luigi BriguglioCaspa Preservabl Infrastructure Luigi Briguglio
Caspa Preservabl Infrastructure Luigi BriguglioDigitalPreservationEurope
 
Qsan unified storage (nas + san)
Qsan unified storage (nas + san)Qsan unified storage (nas + san)
Qsan unified storage (nas + san)qsantechnology
 
Rob Tweed :: Ajax and the Impact on Caché and Similar Technologies
Rob Tweed :: Ajax and the Impact on Caché and Similar TechnologiesRob Tweed :: Ajax and the Impact on Caché and Similar Technologies
Rob Tweed :: Ajax and the Impact on Caché and Similar Technologiesgeorge.james
 
NoSQL Technology
NoSQL TechnologyNoSQL Technology
NoSQL TechnologyFachry Bafadal
 
GT.M: A Tried and Tested Open-Source NoSQL Database
GT.M: A Tried and Tested Open-Source NoSQL DatabaseGT.M: A Tried and Tested Open-Source NoSQL Database
GT.M: A Tried and Tested Open-Source NoSQL DatabaseRob Tweed
 
Mem forensic
Mem forensicMem forensic
Mem forensicChong-Kuan Chen
 
Introduction to GlusterFS Webinar - September 2011
Introduction to GlusterFS Webinar - September 2011Introduction to GlusterFS Webinar - September 2011
Introduction to GlusterFS Webinar - September 2011GlusterFS
 
Gluster Webinar: Introduction to GlusterFS v3.3
Gluster Webinar: Introduction to GlusterFS v3.3Gluster Webinar: Introduction to GlusterFS v3.3
Gluster Webinar: Introduction to GlusterFS v3.3GlusterFS
 
DefCon 2012 - Anti-Forensics and Anti-Anti-Forensics
DefCon 2012 - Anti-Forensics and Anti-Anti-ForensicsDefCon 2012 - Anti-Forensics and Anti-Anti-Forensics
DefCon 2012 - Anti-Forensics and Anti-Anti-ForensicsMichael Smith
 
Novell File Management Suite Use Cases
Novell File Management Suite Use CasesNovell File Management Suite Use Cases
Novell File Management Suite Use CasesNovell
 
Novell File Management Suite Use Cases
Novell File Management Suite Use CasesNovell File Management Suite Use Cases
Novell File Management Suite Use CasesNovell
 
Gluster Webinar: Introduction to GlusterFS
Gluster Webinar: Introduction to GlusterFSGluster Webinar: Introduction to GlusterFS
Gluster Webinar: Introduction to GlusterFSGlusterFS
 
Novell Storage Manager: Your Secret Weapon for Simplified File and User Manag...
Novell Storage Manager: Your Secret Weapon for Simplified File and User Manag...Novell Storage Manager: Your Secret Weapon for Simplified File and User Manag...
Novell Storage Manager: Your Secret Weapon for Simplified File and User Manag...Novell
 
Novell File Management Suite: Intelligently Manage File Storage for Maximum B...
Novell File Management Suite: Intelligently Manage File Storage for Maximum B...Novell File Management Suite: Intelligently Manage File Storage for Maximum B...
Novell File Management Suite: Intelligently Manage File Storage for Maximum B...Novell
 
Red Hat Storage - Introduction to GlusterFS
Red Hat Storage - Introduction to GlusterFSRed Hat Storage - Introduction to GlusterFS
Red Hat Storage - Introduction to GlusterFSGlusterFS
 
Panzura & Scality - Cloud Storage made seamless - Cloud Expo New York City 2012
Panzura & Scality - Cloud Storage made seamless - Cloud Expo New York City 2012Panzura & Scality - Cloud Storage made seamless - Cloud Expo New York City 2012
Panzura & Scality - Cloud Storage made seamless - Cloud Expo New York City 2012Marc Villemade
 
How to build an admin guy
How to build an admin guyHow to build an admin guy
How to build an admin guyMohamed Aboul-Fotouh
 
Windows 7 Architecture
Windows 7 ArchitectureWindows 7 Architecture
Windows 7 ArchitectureDaniyal Khan
 
ModeShape 3 overview
ModeShape 3 overviewModeShape 3 overview
ModeShape 3 overviewRandall Hauch
 
Intro to GlusterFS Webinar - August 2011
Intro to GlusterFS Webinar - August 2011Intro to GlusterFS Webinar - August 2011
Intro to GlusterFS Webinar - August 2011GlusterFS
 
Firebird database recovery and protection for enterprises and ISV
Firebird database recovery and protection for enterprises and ISVFirebird database recovery and protection for enterprises and ISV
Firebird database recovery and protection for enterprises and ISVMind The Firebird
 
You suck at Memory Analysis
You suck at Memory AnalysisYou suck at Memory Analysis
You suck at Memory AnalysisFrancisco Ribeiro
 
Key-value databases in practice Redis @ DotNetToscana
Key-value databases in practice Redis @ DotNetToscanaKey-value databases in practice Redis @ DotNetToscana
Key-value databases in practice Redis @ DotNetToscanaMatteo Baglini
 
Databases
DatabasesDatabases
Databasesguestf77c65c
 
Novell File Management Suite for Microsoft Active Directory Environments
Novell File Management Suite for Microsoft Active Directory EnvironmentsNovell File Management Suite for Microsoft Active Directory Environments
Novell File Management Suite for Microsoft Active Directory EnvironmentsNovell
 
Hard Disk Encryptions
Hard Disk EncryptionsHard Disk Encryptions
Hard Disk Encryptionsn|u - The Open Security Community
 
App cap2956v2-121001194956-phpapp01 (1)
App cap2956v2-121001194956-phpapp01 (1)App cap2956v2-121001194956-phpapp01 (1)
App cap2956v2-121001194956-phpapp01 (1)outstanding59
 
Inside the Hadoop Machine @ VMworld
Inside the Hadoop Machine @ VMworldInside the Hadoop Machine @ VMworld
Inside the Hadoop Machine @ VMworldRichard McDougall
 
Iehr ciif sdk-slides-draft-h
Iehr ciif sdk-slides-draft-hIehr ciif sdk-slides-draft-h
Iehr ciif sdk-slides-draft-hckuyehar
 
American Recovery and Reinvestment Act of 2009 HIT
American Recovery and Reinvestment Act of 2009 HITAmerican Recovery and Reinvestment Act of 2009 HIT
American Recovery and Reinvestment Act of 2009 HITckuyehar
 

More Related Content

Similar to VistA GT.M & Linux Security 062506

DefCon 2012 - Anti-Forensics and Anti-Anti-Forensics
DefCon 2012 - Anti-Forensics and Anti-Anti-ForensicsDefCon 2012 - Anti-Forensics and Anti-Anti-Forensics
DefCon 2012 - Anti-Forensics and Anti-Anti-ForensicsMichael Smith
 
Novell File Management Suite Use Cases
Novell File Management Suite Use CasesNovell File Management Suite Use Cases
Novell File Management Suite Use CasesNovell
 
Novell File Management Suite Use Cases
Novell File Management Suite Use CasesNovell File Management Suite Use Cases
Novell File Management Suite Use CasesNovell
 
Gluster Webinar: Introduction to GlusterFS
Gluster Webinar: Introduction to GlusterFSGluster Webinar: Introduction to GlusterFS
Gluster Webinar: Introduction to GlusterFSGlusterFS
 
Novell Storage Manager: Your Secret Weapon for Simplified File and User Manag...
Novell Storage Manager: Your Secret Weapon for Simplified File and User Manag...Novell Storage Manager: Your Secret Weapon for Simplified File and User Manag...
Novell Storage Manager: Your Secret Weapon for Simplified File and User Manag...Novell
 
Novell File Management Suite: Intelligently Manage File Storage for Maximum B...
Novell File Management Suite: Intelligently Manage File Storage for Maximum B...Novell File Management Suite: Intelligently Manage File Storage for Maximum B...
Novell File Management Suite: Intelligently Manage File Storage for Maximum B...Novell
 
Red Hat Storage - Introduction to GlusterFS
Red Hat Storage - Introduction to GlusterFSRed Hat Storage - Introduction to GlusterFS
Red Hat Storage - Introduction to GlusterFSGlusterFS
 
Panzura & Scality - Cloud Storage made seamless - Cloud Expo New York City 2012
Panzura & Scality - Cloud Storage made seamless - Cloud Expo New York City 2012Panzura & Scality - Cloud Storage made seamless - Cloud Expo New York City 2012
Panzura & Scality - Cloud Storage made seamless - Cloud Expo New York City 2012Marc Villemade
 
Windows 7 Architecture
Windows 7 ArchitectureWindows 7 Architecture
Windows 7 ArchitectureDaniyal Khan
 
ModeShape 3 overview
ModeShape 3 overviewModeShape 3 overview
ModeShape 3 overviewRandall Hauch
 
Intro to GlusterFS Webinar - August 2011
Intro to GlusterFS Webinar - August 2011Intro to GlusterFS Webinar - August 2011
Intro to GlusterFS Webinar - August 2011GlusterFS
 
Firebird database recovery and protection for enterprises and ISV
Firebird database recovery and protection for enterprises and ISVFirebird database recovery and protection for enterprises and ISV
Firebird database recovery and protection for enterprises and ISVMind The Firebird
 
Key-value databases in practice Redis @ DotNetToscana
Key-value databases in practice Redis @ DotNetToscanaKey-value databases in practice Redis @ DotNetToscana
Key-value databases in practice Redis @ DotNetToscanaMatteo Baglini
 
Novell File Management Suite for Microsoft Active Directory Environments
Novell File Management Suite for Microsoft Active Directory EnvironmentsNovell File Management Suite for Microsoft Active Directory Environments
Novell File Management Suite for Microsoft Active Directory EnvironmentsNovell
 
App cap2956v2-121001194956-phpapp01 (1)
App cap2956v2-121001194956-phpapp01 (1)App cap2956v2-121001194956-phpapp01 (1)
App cap2956v2-121001194956-phpapp01 (1)outstanding59
 
Inside the Hadoop Machine @ VMworld
Inside the Hadoop Machine @ VMworldInside the Hadoop Machine @ VMworld
Inside the Hadoop Machine @ VMworldRichard McDougall
 

Similar to VistA GT.M & Linux Security 062506 (20)

DefCon 2012 - Anti-Forensics and Anti-Anti-Forensics
DefCon 2012 - Anti-Forensics and Anti-Anti-ForensicsDefCon 2012 - Anti-Forensics and Anti-Anti-Forensics
DefCon 2012 - Anti-Forensics and Anti-Anti-Forensics
 
Novell File Management Suite Use Cases
Novell File Management Suite Use CasesNovell File Management Suite Use Cases
Novell File Management Suite Use Cases
 
Novell File Management Suite Use Cases
Novell File Management Suite Use CasesNovell File Management Suite Use Cases
Novell File Management Suite Use Cases
 
Gluster Webinar: Introduction to GlusterFS
Gluster Webinar: Introduction to GlusterFSGluster Webinar: Introduction to GlusterFS
Gluster Webinar: Introduction to GlusterFS
 
Novell Storage Manager: Your Secret Weapon for Simplified File and User Manag...
Novell Storage Manager: Your Secret Weapon for Simplified File and User Manag...Novell Storage Manager: Your Secret Weapon for Simplified File and User Manag...
Novell Storage Manager: Your Secret Weapon for Simplified File and User Manag...
 
Novell File Management Suite: Intelligently Manage File Storage for Maximum B...
Novell File Management Suite: Intelligently Manage File Storage for Maximum B...Novell File Management Suite: Intelligently Manage File Storage for Maximum B...
Novell File Management Suite: Intelligently Manage File Storage for Maximum B...
 
Red Hat Storage - Introduction to GlusterFS
Red Hat Storage - Introduction to GlusterFSRed Hat Storage - Introduction to GlusterFS
Red Hat Storage - Introduction to GlusterFS
 
Panzura & Scality - Cloud Storage made seamless - Cloud Expo New York City 2012
Panzura & Scality - Cloud Storage made seamless - Cloud Expo New York City 2012Panzura & Scality - Cloud Storage made seamless - Cloud Expo New York City 2012
Panzura & Scality - Cloud Storage made seamless - Cloud Expo New York City 2012
 
How to build an admin guy
How to build an admin guyHow to build an admin guy
How to build an admin guy
 
Windows 7 Architecture
Windows 7 ArchitectureWindows 7 Architecture
Windows 7 Architecture
 
ModeShape 3 overview
ModeShape 3 overviewModeShape 3 overview
ModeShape 3 overview
 
Intro to GlusterFS Webinar - August 2011
Intro to GlusterFS Webinar - August 2011Intro to GlusterFS Webinar - August 2011
Intro to GlusterFS Webinar - August 2011
 
Firebird database recovery and protection for enterprises and ISV
Firebird database recovery and protection for enterprises and ISVFirebird database recovery and protection for enterprises and ISV
Firebird database recovery and protection for enterprises and ISV
 
You suck at Memory Analysis
You suck at Memory AnalysisYou suck at Memory Analysis
You suck at Memory Analysis
 
Key-value databases in practice Redis @ DotNetToscana
Key-value databases in practice Redis @ DotNetToscanaKey-value databases in practice Redis @ DotNetToscana
Key-value databases in practice Redis @ DotNetToscana
 
Databases
DatabasesDatabases
Databases
 
Novell File Management Suite for Microsoft Active Directory Environments
Novell File Management Suite for Microsoft Active Directory EnvironmentsNovell File Management Suite for Microsoft Active Directory Environments
Novell File Management Suite for Microsoft Active Directory Environments
 
Hard Disk Encryptions
Hard Disk EncryptionsHard Disk Encryptions
Hard Disk Encryptions
 
App cap2956v2-121001194956-phpapp01 (1)
App cap2956v2-121001194956-phpapp01 (1)App cap2956v2-121001194956-phpapp01 (1)
App cap2956v2-121001194956-phpapp01 (1)
 
Inside the Hadoop Machine @ VMworld
Inside the Hadoop Machine @ VMworldInside the Hadoop Machine @ VMworld
Inside the Hadoop Machine @ VMworld
 

More from ckuyehar

Iehr ciif sdk-slides-draft-h
Iehr ciif sdk-slides-draft-hIehr ciif sdk-slides-draft-h
Iehr ciif sdk-slides-draft-hckuyehar
 
American Recovery and Reinvestment Act of 2009 HIT
American Recovery and Reinvestment Act of 2009 HITAmerican Recovery and Reinvestment Act of 2009 HIT
American Recovery and Reinvestment Act of 2009 HITckuyehar
 
The Rise and Fall and Rise of Standard MUMPS
The Rise and Fall and Rise of Standard MUMPSThe Rise and Fall and Rise of Standard MUMPS
The Rise and Fall and Rise of Standard MUMPSckuyehar
 
Clinica PECS2
Clinica PECS2Clinica PECS2
Clinica PECS2ckuyehar
 
RPMS EHR WorldVistA 061607
RPMS EHR WorldVistA 061607RPMS EHR WorldVistA 061607
RPMS EHR WorldVistA 061607ckuyehar
 
Vista For Research
Vista For ResearchVista For Research
Vista For Researchckuyehar
 
Mexico Pittsburgh Ece Introduction
Mexico Pittsburgh Ece IntroductionMexico Pittsburgh Ece Introduction
Mexico Pittsburgh Ece Introductionckuyehar
 
FQHC Orientation
FQHC OrientationFQHC Orientation
FQHC Orientationckuyehar
 
Chart Book 2006
Chart Book 2006Chart Book 2006
Chart Book 2006ckuyehar
 
WorldVistA 061607
WorldVistA 061607WorldVistA 061607
WorldVistA 061607ckuyehar
 
WorldVistA by K.S. Bhaskar
WorldVistA by K.S. BhaskarWorldVistA by K.S. Bhaskar
WorldVistA by K.S. Bhaskarckuyehar
 
FDA Presentation 07/17/07
FDA Presentation 07/17/07FDA Presentation 07/17/07
FDA Presentation 07/17/07ckuyehar
 
Landis - System Administration
Landis - System AdministrationLandis - System Administration
Landis - System Administrationckuyehar
 
Landis - Mumps
Landis - MumpsLandis - Mumps
Landis - Mumpsckuyehar
 
FileMan Training Part 3
FileMan Training Part 3FileMan Training Part 3
FileMan Training Part 3ckuyehar
 
FileMan Training Part 1
FileMan Training Part 1FileMan Training Part 1
FileMan Training Part 1ckuyehar
 
FileMan Training Part 2
FileMan Training Part 2FileMan Training Part 2
FileMan Training Part 2ckuyehar
 
WorldVistA Business Plan Overview
WorldVistA Business Plan OverviewWorldVistA Business Plan Overview
WorldVistA Business Plan Overviewckuyehar
 
WorldVistA Business Plan
WorldVistA Business PlanWorldVistA Business Plan
WorldVistA Business Planckuyehar
 

More from ckuyehar (20)

Iehr ciif sdk-slides-draft-h
Iehr ciif sdk-slides-draft-hIehr ciif sdk-slides-draft-h
Iehr ciif sdk-slides-draft-h
 
American Recovery and Reinvestment Act of 2009 HIT
American Recovery and Reinvestment Act of 2009 HITAmerican Recovery and Reinvestment Act of 2009 HIT
American Recovery and Reinvestment Act of 2009 HIT
 
The Rise and Fall and Rise of Standard MUMPS
The Rise and Fall and Rise of Standard MUMPSThe Rise and Fall and Rise of Standard MUMPS
The Rise and Fall and Rise of Standard MUMPS
 
Clinica PECS2
Clinica PECS2Clinica PECS2
Clinica PECS2
 
RPMS EHR WorldVistA 061607
RPMS EHR WorldVistA 061607RPMS EHR WorldVistA 061607
RPMS EHR WorldVistA 061607
 
Vista For Research
Vista For ResearchVista For Research
Vista For Research
 
Mexico Pittsburgh Ece Introduction
Mexico Pittsburgh Ece IntroductionMexico Pittsburgh Ece Introduction
Mexico Pittsburgh Ece Introduction
 
Iahit
IahitIahit
Iahit
 
FQHC Orientation
FQHC OrientationFQHC Orientation
FQHC Orientation
 
Chart Book 2006
Chart Book 2006Chart Book 2006
Chart Book 2006
 
WorldVistA 061607
WorldVistA 061607WorldVistA 061607
WorldVistA 061607
 
WorldVistA by K.S. Bhaskar
WorldVistA by K.S. BhaskarWorldVistA by K.S. Bhaskar
WorldVistA by K.S. Bhaskar
 
FDA Presentation 07/17/07
FDA Presentation 07/17/07FDA Presentation 07/17/07
FDA Presentation 07/17/07
 
Landis - System Administration
Landis - System AdministrationLandis - System Administration
Landis - System Administration
 
Landis - Mumps
Landis - MumpsLandis - Mumps
Landis - Mumps
 
FileMan Training Part 3
FileMan Training Part 3FileMan Training Part 3
FileMan Training Part 3
 
FileMan Training Part 1
FileMan Training Part 1FileMan Training Part 1
FileMan Training Part 1
 
FileMan Training Part 2
FileMan Training Part 2FileMan Training Part 2
FileMan Training Part 2
 
WorldVistA Business Plan Overview
WorldVistA Business Plan OverviewWorldVistA Business Plan Overview
WorldVistA Business Plan Overview
 
WorldVistA Business Plan
WorldVistA Business PlanWorldVistA Business Plan
WorldVistA Business Plan
 

Recently uploaded

Call Girls In ⇛⇛Chhatarpur⇚⇚. Brings Offer Delhi Contact Us 8377877756
Call Girls In ⇛⇛Chhatarpur⇚⇚. Brings Offer Delhi Contact Us 8377877756Call Girls In ⇛⇛Chhatarpur⇚⇚. Brings Offer Delhi Contact Us 8377877756
Call Girls In ⇛⇛Chhatarpur⇚⇚. Brings Offer Delhi Contact Us 8377877756dollysharma2066
 
Pitch Deck Teardown: NOQX's $200k Pre-seed deck
Pitch Deck Teardown: NOQX's $200k Pre-seed deckPitch Deck Teardown: NOQX's $200k Pre-seed deck
Pitch Deck Teardown: NOQX's $200k Pre-seed deckHajeJanKamps
 
Intro to BCG's Carbon Emissions Benchmark_vF.pdf
Intro to BCG's Carbon Emissions Benchmark_vF.pdfIntro to BCG's Carbon Emissions Benchmark_vF.pdf
Intro to BCG's Carbon Emissions Benchmark_vF.pdfpollardmorgan
 
Call Girls In Kishangarh Delhi ❤️8860477959 Good Looking Escorts In 24/7 Delh...
Call Girls In Kishangarh Delhi ❤️8860477959 Good Looking Escorts In 24/7 Delh...Call Girls In Kishangarh Delhi ❤️8860477959 Good Looking Escorts In 24/7 Delh...
Call Girls In Kishangarh Delhi ❤️8860477959 Good Looking Escorts In 24/7 Delh...lizamodels9
 
Lowrate Call Girls In Laxmi Nagar Delhi ❤️8860477959 Escorts 100% Genuine Ser...
Lowrate Call Girls In Laxmi Nagar Delhi ❤️8860477959 Escorts 100% Genuine Ser...Lowrate Call Girls In Laxmi Nagar Delhi ❤️8860477959 Escorts 100% Genuine Ser...
Lowrate Call Girls In Laxmi Nagar Delhi ❤️8860477959 Escorts 100% Genuine Ser...lizamodels9
 
Call Girls In Radisson Blu Hotel New Delhi Paschim Vihar ❤️8860477959 Escorts...
Call Girls In Radisson Blu Hotel New Delhi Paschim Vihar ❤️8860477959 Escorts...Call Girls In Radisson Blu Hotel New Delhi Paschim Vihar ❤️8860477959 Escorts...
Call Girls In Radisson Blu Hotel New Delhi Paschim Vihar ❤️8860477959 Escorts...lizamodels9
 
(8264348440) 🔝 Call Girls In Keshav Puram 🔝 Delhi NCR
(8264348440) 🔝 Call Girls In Keshav Puram 🔝 Delhi NCR(8264348440) 🔝 Call Girls In Keshav Puram 🔝 Delhi NCR
(8264348440) 🔝 Call Girls In Keshav Puram 🔝 Delhi NCRsoniya singh
 
Lean: From Theory to Practice — One City’s (and Library’s) Lean Story… Abridged
Lean: From Theory to Practice — One City’s (and Library’s) Lean Story… AbridgedLean: From Theory to Practice — One City’s (and Library’s) Lean Story… Abridged
Lean: From Theory to Practice — One City’s (and Library’s) Lean Story… AbridgedKaiNexus
 
RE Capital's Visionary Leadership under Newman Leech
RE Capital's Visionary Leadership under Newman LeechRE Capital's Visionary Leadership under Newman Leech
RE Capital's Visionary Leadership under Newman LeechNewman George Leech
 
Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...
Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...
Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...lizamodels9
 
(8264348440) 🔝 Call Girls In Hauz Khas 🔝 Delhi NCR
(8264348440) 🔝 Call Girls In Hauz Khas 🔝 Delhi NCR(8264348440) 🔝 Call Girls In Hauz Khas 🔝 Delhi NCR
(8264348440) 🔝 Call Girls In Hauz Khas 🔝 Delhi NCRsoniya singh
 
Call Girls Miyapur 7001305949 all area service COD available Any Time
Call Girls Miyapur 7001305949 all area service COD available Any TimeCall Girls Miyapur 7001305949 all area service COD available Any Time
Call Girls Miyapur 7001305949 all area service COD available Any Timedelhimodelshub1
 
2024 Numerator Consumer Study of Cannabis Usage
2024 Numerator Consumer Study of Cannabis Usage2024 Numerator Consumer Study of Cannabis Usage
2024 Numerator Consumer Study of Cannabis UsageNeil Kimberley
 
CATALOG cáp điện Goldcup (bảng giá) 1.4.2024.PDF
CATALOG cáp điện Goldcup (bảng giá) 1.4.2024.PDFCATALOG cáp điện Goldcup (bảng giá) 1.4.2024.PDF
CATALOG cáp điện Goldcup (bảng giá) 1.4.2024.PDFOrient Homes
 
Sales & Marketing Alignment: How to Synergize for Success
Sales & Marketing Alignment: How to Synergize for SuccessSales & Marketing Alignment: How to Synergize for Success
Sales & Marketing Alignment: How to Synergize for SuccessAggregage
 
Call Girls In Connaught Place Delhi ❤️88604**77959_Russian 100% Genuine Escor...
Call Girls In Connaught Place Delhi ❤️88604**77959_Russian 100% Genuine Escor...Call Girls In Connaught Place Delhi ❤️88604**77959_Russian 100% Genuine Escor...
Call Girls In Connaught Place Delhi ❤️88604**77959_Russian 100% Genuine Escor...lizamodels9
 
VIP Call Girl Jamshedpur Aashi 8250192130 Independent Escort Service Jamshedpur
VIP Call Girl Jamshedpur Aashi 8250192130 Independent Escort Service JamshedpurVIP Call Girl Jamshedpur Aashi 8250192130 Independent Escort Service Jamshedpur
VIP Call Girl Jamshedpur Aashi 8250192130 Independent Escort Service JamshedpurSuhani Kapoor
 
Non Text Magic Studio Magic Design for Presentations L&P.pptx
Non Text Magic Studio Magic Design for Presentations L&P.pptxNon Text Magic Studio Magic Design for Presentations L&P.pptx
Non Text Magic Studio Magic Design for Presentations L&P.pptxAbhayThakur200703
 
FULL ENJOY - 9953040155 Call Girls in Chhatarpur | Delhi
FULL ENJOY - 9953040155 Call Girls in Chhatarpur | DelhiFULL ENJOY - 9953040155 Call Girls in Chhatarpur | Delhi
FULL ENJOY - 9953040155 Call Girls in Chhatarpur | DelhiMalviyaNagarCallGirl
 

Recently uploaded (20)

Call Girls In ⇛⇛Chhatarpur⇚⇚. Brings Offer Delhi Contact Us 8377877756
Call Girls In ⇛⇛Chhatarpur⇚⇚. Brings Offer Delhi Contact Us 8377877756Call Girls In ⇛⇛Chhatarpur⇚⇚. Brings Offer Delhi Contact Us 8377877756
Call Girls In ⇛⇛Chhatarpur⇚⇚. Brings Offer Delhi Contact Us 8377877756
 
Pitch Deck Teardown: NOQX's $200k Pre-seed deck
Pitch Deck Teardown: NOQX's $200k Pre-seed deckPitch Deck Teardown: NOQX's $200k Pre-seed deck
Pitch Deck Teardown: NOQX's $200k Pre-seed deck
 
Intro to BCG's Carbon Emissions Benchmark_vF.pdf
Intro to BCG's Carbon Emissions Benchmark_vF.pdfIntro to BCG's Carbon Emissions Benchmark_vF.pdf
Intro to BCG's Carbon Emissions Benchmark_vF.pdf
 
Call Girls In Kishangarh Delhi ❤️8860477959 Good Looking Escorts In 24/7 Delh...
Call Girls In Kishangarh Delhi ❤️8860477959 Good Looking Escorts In 24/7 Delh...Call Girls In Kishangarh Delhi ❤️8860477959 Good Looking Escorts In 24/7 Delh...
Call Girls In Kishangarh Delhi ❤️8860477959 Good Looking Escorts In 24/7 Delh...
 
Lowrate Call Girls In Laxmi Nagar Delhi ❤️8860477959 Escorts 100% Genuine Ser...
Lowrate Call Girls In Laxmi Nagar Delhi ❤️8860477959 Escorts 100% Genuine Ser...Lowrate Call Girls In Laxmi Nagar Delhi ❤️8860477959 Escorts 100% Genuine Ser...
Lowrate Call Girls In Laxmi Nagar Delhi ❤️8860477959 Escorts 100% Genuine Ser...
 
Call Girls In Radisson Blu Hotel New Delhi Paschim Vihar ❤️8860477959 Escorts...
Call Girls In Radisson Blu Hotel New Delhi Paschim Vihar ❤️8860477959 Escorts...Call Girls In Radisson Blu Hotel New Delhi Paschim Vihar ❤️8860477959 Escorts...
Call Girls In Radisson Blu Hotel New Delhi Paschim Vihar ❤️8860477959 Escorts...
 
(8264348440) 🔝 Call Girls In Keshav Puram 🔝 Delhi NCR
(8264348440) 🔝 Call Girls In Keshav Puram 🔝 Delhi NCR(8264348440) 🔝 Call Girls In Keshav Puram 🔝 Delhi NCR
(8264348440) 🔝 Call Girls In Keshav Puram 🔝 Delhi NCR
 
Lean: From Theory to Practice — One City’s (and Library’s) Lean Story… Abridged
Lean: From Theory to Practice — One City’s (and Library’s) Lean Story… AbridgedLean: From Theory to Practice — One City’s (and Library’s) Lean Story… Abridged
Lean: From Theory to Practice — One City’s (and Library’s) Lean Story… Abridged
 
RE Capital's Visionary Leadership under Newman Leech
RE Capital's Visionary Leadership under Newman LeechRE Capital's Visionary Leadership under Newman Leech
RE Capital's Visionary Leadership under Newman Leech
 
Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...
Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...
Call Girls In Sikandarpur Gurgaon ❤️8860477959_Russian 100% Genuine Escorts I...
 
(8264348440) 🔝 Call Girls In Hauz Khas 🔝 Delhi NCR
(8264348440) 🔝 Call Girls In Hauz Khas 🔝 Delhi NCR(8264348440) 🔝 Call Girls In Hauz Khas 🔝 Delhi NCR
(8264348440) 🔝 Call Girls In Hauz Khas 🔝 Delhi NCR
 
Call Girls Miyapur 7001305949 all area service COD available Any Time
Call Girls Miyapur 7001305949 all area service COD available Any TimeCall Girls Miyapur 7001305949 all area service COD available Any Time
Call Girls Miyapur 7001305949 all area service COD available Any Time
 
2024 Numerator Consumer Study of Cannabis Usage
2024 Numerator Consumer Study of Cannabis Usage2024 Numerator Consumer Study of Cannabis Usage
2024 Numerator Consumer Study of Cannabis Usage
 
CATALOG cáp điện Goldcup (bảng giá) 1.4.2024.PDF
CATALOG cáp điện Goldcup (bảng giá) 1.4.2024.PDFCATALOG cáp điện Goldcup (bảng giá) 1.4.2024.PDF
CATALOG cáp điện Goldcup (bảng giá) 1.4.2024.PDF
 
Sales & Marketing Alignment: How to Synergize for Success
Sales & Marketing Alignment: How to Synergize for SuccessSales & Marketing Alignment: How to Synergize for Success
Sales & Marketing Alignment: How to Synergize for Success
 
Call Girls In Connaught Place Delhi ❤️88604**77959_Russian 100% Genuine Escor...
Call Girls In Connaught Place Delhi ❤️88604**77959_Russian 100% Genuine Escor...Call Girls In Connaught Place Delhi ❤️88604**77959_Russian 100% Genuine Escor...
Call Girls In Connaught Place Delhi ❤️88604**77959_Russian 100% Genuine Escor...
 
VIP Call Girl Jamshedpur Aashi 8250192130 Independent Escort Service Jamshedpur
VIP Call Girl Jamshedpur Aashi 8250192130 Independent Escort Service JamshedpurVIP Call Girl Jamshedpur Aashi 8250192130 Independent Escort Service Jamshedpur
VIP Call Girl Jamshedpur Aashi 8250192130 Independent Escort Service Jamshedpur
 
Non Text Magic Studio Magic Design for Presentations L&P.pptx
Non Text Magic Studio Magic Design for Presentations L&P.pptxNon Text Magic Studio Magic Design for Presentations L&P.pptx
Non Text Magic Studio Magic Design for Presentations L&P.pptx
 
Best Practices for Implementing an External Recruiting Partnership
Best Practices for Implementing an External Recruiting PartnershipBest Practices for Implementing an External Recruiting Partnership
Best Practices for Implementing an External Recruiting Partnership
 
FULL ENJOY - 9953040155 Call Girls in Chhatarpur | Delhi
FULL ENJOY - 9953040155 Call Girls in Chhatarpur | DelhiFULL ENJOY - 9953040155 Call Girls in Chhatarpur | Delhi
FULL ENJOY - 9953040155 Call Girls in Chhatarpur | Delhi
 

VistA GT.M & Linux Security 062506

  • 1. GT.M/Linux Robustness, Security, & Continuity of Business for VistA K.S. Bhaskar Fidelity Information Services, Inc. ks.bhaskar@fnf.com +1 (610) 578-4265
  • 2. Objectives • Correct information and usable functionality is available for those who need it, when they need it – Within limits of the design and implementation • Not available otherwise 2
  • 3. Layers • VistA – separate topic, covered by Dave Whitten • MUMPS [GT.M] • Operating System [GNU/Linux] 3
  • 4. GT.M Security • Daemonless architecture – Processes run with normal user ids – Processes can access database files if they have access permissions granted by the operating system – Enable / control using file ownership & permissions; user & group ids • Use Access Control Lists (ACLs) or SE Linux for finer grained control • Published security model – read it, understand it, use it 4
  • 5. GT.M Database and Routine Access Routine Routine $ZROutines $ZGbldir Process Process global directory shared memory control structures database journal file file 5
  • 6. GT.M Security – ASP Routine Routine $ZROutines $ZGbldir shared memory control structures global directory Process Process database file journal shared memory file database journal control structures file file 6
  • 7. Robustness • Journaling – Use before image journaling in production – Consider journaling even for development environments • NOBEFORE may suffice, unless replicated • Backup early, backup often • Integrity – Trust but verify 7
  • 8. Logical multi-site operation Secondary Primary ... Tertiary 1 primary Secondary ... 16 secondaries Tertiary 256 tertiaries 4096 quarternaries 8
  • 9. Linux security • Use Linux security! – Each user has own user id – Each group has own group id – ssh, xinetd, stunnel, etc. – build on standard security models and tools that the Internet infrastructure is built on 9
  • 10. Encryption • Use the loop-aes file system – Databases – Journal files – Swap files • Remember to encrypt back-ups (e.g., with mcrypt) – Unencrypted backups are perhaps the most overlooked serious vulnerability • You can't stop the National Security Agency from getting your patient data if they want to, but you can make it hard for them 10
  • 11. What gives? • The weakest link – If humans and strong passwords are your weakest link, you have done a good job of security – Absolute security does not exist – you just want to make it not a worthwhile investment of time and effort 11
  • 12. Thank you K.S. Bhaskar ks.bhaskar@fnf.com +1 (610) 578-4265 12