CA ACF2 Option for DB2 controls access to DB2 resources through CA ACF2 Option for DB2 rules. CA ACF2 Option for DB2 rules define the conditions for sharing DB2 resources. They specify who can access the resource and the terms under which the access can occur. For example, a rule can limit access to a resource to a specific week or other time period, such as 9:00 AM to 5:00 PM.
Rules are grouped into infostorage records called rule sets. A rule set contains:
CA ACF2 Option for DB2 sorts rule entries according to certain criteria. In general, CA ACF2 Option for DB2 sorts rule parameters alphabetically (in the case of the SHIFT parameter) or from most specific to least specific (in the case of the UID parameter). When a request to access a resource is made, CA ACF2 Option for DB2 selects the first rule that matches the environment of the actual request and uses it to determine the access permission. See “Writing CA ACF2 Option for DB2 Rules,” for more information about sorting.
To write a CA ACF2 Option for DB2 rule, you must be a security administrator or be granted change authority through the %CHANGE or %RCHANGE control statement of the rule set.
|
Copyright © 2011 CA Technologies.
All rights reserved.
|
|