|
|
|
Use CA ACF2 extended rule sets to define tape encryption data set selection profiles. In this example, all of the data set selection profiles are defined within the DSN key set. The extended rule sets that accompany the key set will be used to associate the encryption parameter by using the $USERDATA field with the data set name. The first two data set selection profiles are generic definitions and could encrypt a wide range of data sets. However, the third data set is a fully-qualified data set selection profile and will only be invoked when an exact data set name matches this key set.
ACF
COMPILE STORE
$KEY(DSN) TYPE(BES)
$USERDATA(DOES NOT MATTER HERE)
UID(*) ALLOW
ACH.PROD.- UID(*) NEXTKEY(DSNACFSYMM) PREVENT
POS.XMIT.SECURED.- UID(*) NEXTKEY(DSNACFCODE) PREVENT
XMT.DAILY.FED.XMIT.DATA UID(*) NEXTKEY(DSNACFCERT) PREVENT
COMPILE STORE
$KEY(DSNACFSYMM) TYPE(BES)
$USERDATA(BES2=(ACFSYMM))
UID(*) ALLOW
COMPILE STORE
$KEY(DSNACFCODE) TYPE(BES)
$USERDATA(BES=(BOOK(ACFCODE).AES128))
UID(*) ALLOW
COMPILE STORE
$KEY(DSNACFCERT) TYPE(BES)
$USERDATA(BES=(RSA(BTERING):ACFCERT.3DES128))
UID(*) ALLOW
| Copyright © 2011 CA. All rights reserved. | Tell Technical Publications how we can improve this information |