|
|
|
Use the PERMIT command to define permissions for a specific key and one or more specific users on a specified subsystem for CA Top Secret. Use this command with an associated ADDTO command for the key.
This command has the following format:
TSS PERMIT(acidname) CA@BES(BESn.key_type.key_name) ACCESS(READ)
Indicates a CA Top Secret command.
Indicates the PERMIT command.
Specifies the accessor ID.
Specifies the general resource class for CA Tape Encryption. For keys, this is always CA@BES.
Indicates the BES task number. If you specify BES with no subsystem identifier, the profile applies to all BES subsystems.
Indicates the type of key to define. Options for this parameter are as follows:
Specifies a code book.
Specifies a digital certificate key pair.
Specifies a symmetric key.
Specifies the name of the key.
Specifies the permission access granted. This value is always READ. It allows the specified user to use the key.
Example: Permit a user to access a key on a specific subsystem
This example defines permission for user SECADMIN to use a symmetric key named AES256_KEY on BES4.
TSS PERMIT(SECADMIN) CA@BES(BES4.KEYSYMM.AES256_KEY) ACCESS(READ)
| Copyright © 2011 CA. All rights reserved. | Tell Technical Publications how we can improve this information |