Security Classes are a central part of CA Endevor/DB security. Within the Security Class, restrictions are defined which apply to Dictionaries, CCIDs, and Users. Each one of these entities can be associated with a different Security Class. At execution time, the Security System combines all the Security Classes referenced and arrives at a resultant Security Class. If a permission is disallowed at any level (Dictionary, CCID, or User), the resultant Security Class disallows the action.
The Dictionary, CCID, and User definitions each contain a reference to a Security Class name. There is usually no more than five or six Security Classes in a CCDB. Many installations set up one for the security administrator (usually NDVR-GLOBAL), one for the Dictionary (usually NDVR-GLOBAL), one for the DBA, one for development leaders, and one for general application developers.
Security classes can be defined and maintained using either the Online front end or the Batch front end. The commands used in the Batch front end are ADD, MODIFY, and DELETE SECURITY CLASS. Refer to the CA Endevor/DB for CA IDMS Batch Reference Guide for further information on using them. The meanings of the various options for the ADD SECURITY CLASS or MODIFY SECURITY CLASS commands are discussed in the following description of the Online screens.
When using the Online front end, Security Classes are maintained under the Control Functions screen. To access this screen:
The System Control Functions screen displays as follows:
CA-E/DB nn.n volser CA-ENDEVOR/DB SYSTEM CONTROL FUNCTIONS mm/dd/yy NDVRUA00 USER ===> EDBADMIN DICTNAME ===> SRCNDVR MODE ===> UPDATE OPTION ===> 1 - BROWSE CCDB DESCRIPTOR RECORD 2 - MODIFY CCDB DESCRIPTOR RECORD 3 - BROWSE SECURITY DESCRIPTORS 4 - ADD A SECURITY DESCRIPTOR 5 - MODIFY SECURITY DESCRIPTORS 6 - DELETE SECURITY DESCRIPTORS 7 - BROWSE MONITOR DICT STAT BLOCKS 8 - MODIFY MONITOR DICT STAT BLOCKS SECURITY CLASS ===> (IF OPTIONS 3, 4, 5, 6 ) DICTNAME ===> SRCNDVR (IF OPTIONS 7, 8 )
To add a new Security Class, enter 4 in the OPTION field.
To modify an existing Security Class, enter 5 in the OPTION field.
To delete a Security Class, enter 6 in the OPTION field.
To go directly to the Security Class Detail screen (NDVRMA10), enter the name of the Security Class to be processed in the Security Class field. If you clear that field, you will first go to the Security Class List screen (NDVRUA10).
CA-E/DB nn.n volser SECURITY CLASS LIST mm/dd/yy NDVRUA10 USER ===> EDBADMIN DICTNAME ===> SRCNDVR MODE ===> UPDATE ACTION ===> MODIFY SECURITY CLASS COMMENT _ QA SECURITY CLASS FOR QUALITY ASSURANCE _ DEVELOPMENT SECURITY CLASS FOR DEVELOPMENT _ SUPPORT SECURITY CLASS FOR TECHNICAL SUPPORT s NDVR-DDA DICTIONARY ADMINISTRATION CAPABILITIES s NDVR-GLOBAL UNIVERSAL ENDEVOR/DB AND DICTIONARY CAPABILITIES ** END **
|
Copyright © 2013 CA.
All rights reserved.
|
|