We recommend that you employ a single standard security model covering both z/OS resources and UNIX resources.
Business Value:
The SAF HFS security feature lets CA Top Secret bypass z/OS UNIX security access validation. CA Top Secret then secures z/OS UNIX using familiar tools, procedures, and processes. This familiarity helps improve end user efficiency and can limit errors.
Additional Considerations:
Today's z/OS system is actually a merger of two discrete operating systems—the traditional mainframe MVS operating system and the UNIX operating system. Most elements of both are merged into a single, cohesive package, but security remains two separate security models—the traditional mainframe MVS security model and the traditional UNIX security model.
For security administration of z/OS UNIX, the default UNIX method does not provide the same granular control that CA Top Secret HFS security provides. In addition, HFS security is maintained using the same procedures as used for traditional z/OS resources.
SAF HFS security is an application of event notification facility (CAIENF) and UNIX System Services (USS). This security application activates when the appropriate Data Control Modules (DCMs) are linked into the ENF database.
More Information:
For detailed background information and the steps to enable this feature, see the Cookbook. For information about DCMs, see the Installation Guide.
|
Copyright © 2013 CA Technologies.
All rights reserved.
|
|