|
|
|
This feature is not supported by CA ACF2. Global security profiles apply to all BES subsystems and are specified by omitting the BES subsystem identifier on the first node of the resource definition (such as BES.COMMANDS.PROTECT, BES.KEYSYMM.AES128, and so on). Think of global security profiles as default profiles that govern all BES subsystems. If a resource (command, key, or utility) or processing parameter is not defined to a specific local BESn subsystem, CA Tape Encryption is governed by the global security profile.
For CA Top Secret and IBM Security Server RACF installations, all CA Tape Encryption resource and security processing parameters can be defined at the global level. For CA ACF2 all resource profiles can be define by using pseudo-global definitions.
CA Tape Encryption will first examine CA@BES or OPERCMDS for local (for example, BESn) profiles and if not found the global profiles for these resource classes are examined.
For a list of resources and processing parameters that can be defined at the global level, see the appendix “SAF Interface Parameter Reference List.”
Note: To differentiate between global and local resource profiles, global profile definitions do not have the BES subsystem number defined on the first node of the resource definition.
| Copyright © 2011 CA. All rights reserved. | Tell Technical Publications how we can improve this information |