Previous Topic: Wildcards in User-defined Classes ResourcesNext Topic: Managing Authorization

Endpoint Administration Guide for UNIXManaging ResourcesClassesUser-Defined ClassesUser-Defined Class—Example

User-Defined Class—Example

Suppose that your system serves a bank and you want to protect transfers of large amounts between accounts. You can use the following outline to set up this security.

  1. Define a class to contain the records that describe transfers, called, for example, TRANSFERS.
  2. For each monetary level transfer that you might want to protect, define a record in the TRANSFERS class.

    For example, you might define records named Upto.$1K, Upto.$1M, Upto.$10M, and Over.$10M.

    Define any other resources that you need to control transfers as members of the TRANSFERS class.

  3. To give different users permission to perform different maximum transfers, grant or deny them access to the various records in the TRANSFERS class.
  4. In addition, to handle programmatic transfers, insert in the bank's money‑transfer program a call to the CA ControlMinder API, so that it checks the user's permission before it allows a transfer to proceed.