Add Data Set Selection Profiles to RACF

Use the IBM Security Server RACF Define resource (RDEF) command to define data set selection profiles to IBM Security Server RACF. If enabled, CA Tape Encryption will recognize the data set as a candidate for encryption.

Example: Define a RACF generic data set selection profile

This example uses RDEF, the synonym for the IBM Security Server RACF RDEFINE (define a general resource profile) command, to define a generic data set selection profile in the CA@BES class. All data sets beginning with SYS2.BACKUP will be encrypted on BES2 and will use the 3DES192_KEY encryption key.

RDEF CA@BES DSN.SYS2.BACKUP.**
     OWNER(secadmin)
     APPLDATA('BES2=(3DES192_KEY)')

Example: Define a RACF fully-qualified data set selection profile

This example defines a fully-qualified data set selection profile. Encryption is bypassed for the data set because DONOTENCRYPT is specified as the encryption parameter.

RDEF CA@BES DSN.SYSTEMS.PROD.BESBD.BACKUP   
     OWNER(secadmin) APPLDATA('BES=(DONOTENCRYPT)')   

Example: Define a RACF discrete data set selection profile

This example defines a discrete data set selection profile. The profile applies only to data set ACH.PROD.BDTRNFO.FEDXMIT, which is encrypted using a code book on BES3.

RDEF CA@BES DSN.ACH.PROD.BDTRNFO.FEDXMIT   
     OWNER(BES) APPLDATA('BES3=(BOOK(FED_CODE_BOOK):AES128)')
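
The following is an added example, not part of the original documentation or the product: a Python review script that reads a saved file of RDEF CA@BES commands and reports, per profile, whether it is generic, which BES it targets, and whether it bypasses encryption. The function names are hypothetical, and the APPLDATA layout it parses (`'ID=(value)'`) and the use of `*` or `%` to mark a generic profile are assumptions inferred only from the three examples on this page.

```python
import re

# Constructed input: the three RDEF commands shown on this page, as they
# might appear in a saved command file that is being reviewed.
SAMPLE = """\
RDEF CA@BES DSN.SYS2.BACKUP.**
     OWNER(secadmin)
     APPLDATA('BES2=(3DES192_KEY)')
RDEF CA@BES DSN.SYSTEMS.PROD.BESBD.BACKUP
     OWNER(secadmin) APPLDATA('BES=(DONOTENCRYPT)')
RDEF CA@BES DSN.ACH.PROD.BDTRNFO.FEDXMIT
     OWNER(BES) APPLDATA('BES3=(BOOK(FED_CODE_BOOK):AES128)')
"""

CMD = re.compile(r"^(?:RDEF|RDEFINE)\s+CA@BES\s+DSN\.(\S+)", re.I)
OWNER = re.compile(r"OWNER\(([^)]*)\)", re.I)
# Assumed APPLDATA shape, inferred from the page's examples: 'ID=(value)'
APPL = re.compile(r"APPLDATA\('([^=']+)=\((.*)\)'\s*\)", re.I)


def join_commands(text):
    """Group lines into commands; a line starting with RDEF opens a new one."""
    cmds = []
    for line in (l.strip() for l in text.splitlines()):
        if CMD.match(line):
            cmds.append(line)
        elif line and cmds:
            cmds[-1] += " " + line  # operand line belonging to the last RDEF
    return cmds


def audit(text):
    """Return one dict per CA@BES profile with its encryption disposition."""
    report = []
    for cmd in join_commands(text):
        dsn = CMD.match(cmd).group(1)
        owner, appl = OWNER.search(cmd), APPL.search(cmd)
        value = appl.group(2) if appl else None  # None: no APPLDATA found
        report.append({
            "dsn": dsn,
            "generic": any(c in dsn for c in "*%"),  # assumption, see lead-in
            "owner": owner.group(1) if owner else None,
            "bes": appl.group(1) if appl else None,
            "value": value,
            "bypass": value is not None and value.upper() == "DONOTENCRYPT",
        })
    return report
```

Profiles reported with `bypass` set, or with `value` of `None`, are the ones to check against the intended encryption policy before the commands are run.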