Previous Topic: Sample Command Protection Control Statements for RACF

Next Topic: Sample Utility Protection Control Statements for RACF

Sample Key Protection Control Statements for RACF

The following sample shows a key protection control statement in TBESAF99 format. The first entry shows an example of specifying a generic key name.

BES  TYPE=KEYSYMM,NAME=AES256_KEY
BES6 TYPE=KEYCODE,NAME=BOOK1

The following sample shows the resulting control statements generated by TBESAF99 for importing into IBM Security Server RACF. The first RDEFINE statement defines a symmetric key named AES256_KEY globally to all BES subsystems. The second RDEFINE statement defines any code book that begins with BOOK1 to BES6.

RDEF CA@BES BES.KEYSYMM.AES256_KEY 
 0WNER(RACFOWNR)
RDEF CA@BES BES6.KEYCODE.BOOK1*    
 OWNER(RACFOWNR)