Controlling Foresight Analytics Platform and repository metadata integrity is executed as a result of:
Checking Foresight Analytics Platform integrity.
Checking repository metadata integrity.
Checking user auditing correctness.
Backup and restore of security policy.
If on installing Foresight. Analytics Platform checksum verification, is enabled, then on each loading, Foresight. Analytics Platform is attended with the check of integrity: the existence of all executable files, and their checksums are verified. Checksums are also verified on dynamic loading of libraries. In case of detecting integrity violation the user receives a message with description of corrupted files. The following work with Foresight. Analytics Platform is locked.
To restore program integrity, the administrator’s involvement is required.
Executed files or their contents can be damaged due to:
Malicious acts
User errors
Viruses
Other reasons.
NOTE. Checking integrity of Foresight. Analytics Platform is available only on starting desktop application.
On working via BI server installed on Linux, integrity is checked on startup and the first addressing to web service. If file integrity is violated in the client application, a message about file integrity violation at BI server appears.
To check up repository metadata integrity, the checksums are performed using a specific method by object contents. A checksum changes after any object modification. To verify checksum, it has to be initially performed. After checking the object for the second time, the previous checksum is compared to the current one. If the checksum has been changed, this means that the object was changed.
NOTE. Repository metadata integrity check is available only in the desktop application.
To check the p4audit service user that is required to perform a correct user audit, user locking mechanism check is used. The p4audit service user is created in security manager or in repository manager. In case of incorrect creation of the p4audit user, schema reinstallation or malicious actions, the security system might function with errors.
To check user locking mechanism, use the Tools section.
NOTE. User locking mechanism check is available only in the desktop application.
To save security policy, audit settings, group and user information, object access permissions, backup and restore security policy is used. Operations on copying and restoring security policy are saved to the log.
To save backup and restore security policy, use the Tools section.
See also:
Administration and Access Control | Checking Repository Metadata Integrity | Checking Security Policy Integrity