[Question] about how access control is performed when using PIM

book

Article ID: 193031

calendar_today

Updated On:

Products

CA Virtual Privilege Manager CA Privileged Identity Management Endpoint (PIM)

Issue/Introduction

Customer wanted a high level explanation of how a PIM agent works.

Environment

Release : 12.8

Component : CA ControlMinder

Resolution

1) Rules and policies are stored in "/installpath/seosdb". This is encrypted.

2) When PIM is started, the rules are essentially compiled by seosd, and a lot of the compiled data is passed to the kernel module for the sake of processing speed.

3) At runtime, system calls are intercepted by PIM's kernel module. These will be evaluated against the compiled rules in the kernel module, and passed to seosd if needed, and acted upon.