|
|
|
The access control software approach establishes both an environment and an authorized path for library updates that can be done under your user ID. You decide what the environment and the authorized path should be. For example, you might need to link a new module into a load library. You might also want to add or delete load modules or compress the load library. When you perform these functions, you normally use an ISPF screen or a batch job executing IEBCOPY or the linkage editor. The access control software can ensure that changes to your own load libraries occur only when the update is performed through IEBCOPY or the linkage editor from a secured system library, or in a certain ISPF environment. Any attempt to update a library outside of these conditions is prevented. Therefore, your programs are protected from infection if you inadvertently execute someone else’s virus‑infected program.
Because these techniques are designed to stop any update attempts of your program libraries except through normal compile and link, copy, or compress operations, you need to change a rule or contact your data security administrator to perform any nonstandard activity, such as to zap a module. Also, these techniques are effective only if the system software is both uninfected and protected from attack.
The specific techniques available in each access control software package are described in the following sections.
| Copyright © 2009 CA. All rights reserved. | Tell Technical Publications how we can improve this information |