CA ACF2 for VM employs a two‑level access protection scheme for data accesses. One level is for minidisks and DASD volumes when you issue a CP LINK or ATTACH command, or when CA ACF2 for VM processes a VM directory LINK or DEDICATE statement. Minidisk and DASD volume protection is always active. The second level of protection applies to file accesses. This is called CMS file‑level protection.
CMS file‑level protection is optional and applies to file accesses using VM diagnose I/O or accesses using OS/390, VSE, or VSAM services of CMS. Issue the ACF SHOW SYSTEMS subcommand to determine if CMS file‑level security is active and examine the CMS SECURITY field.
An access rule applies to different entities. For VM data, an access rule applies to minidisks and CMS data a VM user ID owns. The key to a VM rule is the user ID. For attachable DASD devices, a special rule called a SYSTEM rule validates accesses. The key to the SYSTEM rule is defined in the OPTS VMO record. Data set rules govern access to OS/390 and VSE data sets. The key to an OS/390 or VSE rule is the high‑level index of the data set name.
|
Copyright © 2009 CA Technologies.
All rights reserved.
|
|