Using the TBESAF99 Utility to Generate Security Profiles › TBESAF99 Utility › Utility Protection Profile Definitions for TBESAF99

Utility Protection Profile Definitions for TBESAF99

Use the utility control commands to define each eligible CA Tape Encryption utility you want to protect, that is, TBEKMUTL and TBESHOW. Use this control statement as input to TBESAF99 to generate control statements for your security system.

For RACF and CA Top Secret, you have the option to control each eligible CA Tape Encryption utility at the global level for all BES subsystems or at the local level for each BES subsystem. For CA ACF2 each utility definition must be specified at the local (BESn) level.

The following guidelines apply to this command:

• You can define a profile for the same utility on multiple BES subsystems.
• You can define only one global profile for all BES subsystems for each utility.
• Your use of utility protection profiles for individual utilities is optional, but if you create this type of profile, all the parameters are required.
• You must define each utility that you want to protect to each BES subsystem if the results you want are different from the global definition.

This command has the following format:

BESn TYPE=UTILITY,

 NAME=utility_name

n

Indicates the BES subsystem. To specify a global key protection profile used by all BES systems, start the command with BES and do not specify a BES subsystem.

Note: For CA ACF2, you must specify the BES subsystem number.

TYPE=UTILITY

Indicates the definition of a protection profile for a CA Tape Encryption batch utility program.

NAME=utility_name

Indicates the batch utility for the security system to protect. Options for this parameter are as follows:

TBEKMUTL

Specifies the TBEKMUTL utility.

TBESHOW

Specifies the TBESHOW utility.