The CA Tape Encryption Processing ACID

Defining Security Protection Profiles in CA Top Secret › The CA Tape Encryption Processing ACID

The CA Tape Encryption Processing ACID

A special ACID, referred to as the CA Tape Encryption processing ACID, is required to perform certain RACROUTE functions for the CA Tape Encryption SAF Interface. Consider the following points when defining the processing ACID:

The processing ACID is not used to determine access for any resource.
The processing ACID is not used to determine system entry and therefore should be defined without a password.
BES.TSS.ACID must specify the processing ACID name on the APPLDATA parameter of the PERMIT command. The PERMIT statement must grant READ access to the Started Task ACID assigned to the BES subsystem.
BES.TSS.ACID must have a PERMIT command issued for all CA Tape Encryption resource profiles defined in the CA@BES and OPERCMDS resource classes. This includes the control profiles BES.SECURITY and BES.TSS.ACID.
BES.TSS.ACID must be defined to include the facilities of STC and BATCH. If these are omitted you will receive authorization failures during CA Tape Encryption initialization or during RELOAD=SECURITY processing.

Tell Technical Publications how we can improve this information