Changes to these CICS tables are optional: DCT, FILE, JCT, TERMINAL, TST, and TRANSACTION. This section describes the changes to these tables in detail.
The TERMINAL definitions contain terminal ID information. The following security parameters can be defined. See IBM's CICS Resource Definition Guide for specific details.
For assembled DFHTCT TYPE=TERM entries for individual terminals; or for CEDA defined TERMINAL definitions in the CSD file.
For users defined to CA Top Secret, the OPERID record is accessed from the CA Top Secret Security File via the OPIDENT keyword.
This value sets the default operator priority for transaction initiated from this terminal.
Specifies whether transaction text is automatically translated at the terminal:
All data entered is automatically translated to uppercase. (Default.)
The TRANID is converted to uppercase, but the terminal buffer is not translated.
Uppercase translation does not take place.
UCTRAN(YES) cannot be used when mixed case passwords are required in a CICS region. Mixed case passwords are appropriate for CTS 3.1 and above with z/OS 1.7 and above only.
For assembled DFHTCT TYPE=TERMTYPE entries for terminal groups; or for CEDA defined TYPETERM definitions in the CSD file:
Specifies capitalization policy default for terminals where the TYPETERM is a model to control whether:
All data entered will be automatically uppercased (default)
The TRANID will be uppercased, but the terminal buffer will remain untranslated
No uppercase translation will take place.
UCTRAN(YES) cannot be used when mixed case passwords are required within a CICS region. For details of this terminal attribute, please see appropriate CICS documentation. Mixed case passwords are only appropriate for CTS 3.1 and above, with z/OS 1.7 and above.
This security parameter is honored by CA Top Secret.
The specified userid is signed on by CICS at the time the terminal is installed. The USERID must be defined to CA Top Secret and normal signon restrictions are enforced.
Note: TERMINAL output‑only definitions are not protected terminals. ATS is not used for an output‑only terminal.
Specify the following operands to indicate whether you want resource checking and SPI security checking done on this transaction.
Indicates whether CA Top Secret activates security checking for resources.
Activates security checking for resources used by the transaction.
Bypasses security checking for resources used by the transaction.
Indicates whether CA Top Secret activates command security checking.
Activates command (SPI) security checking for the transaction.
Bypasses command security checking for the transaction.
Note: CA Top Secret security options can override these values if FACILITY PCTRESSEC=OVERRIDE or PCTCMDSEC=OVERRIDE is set.
Trigger level transactions now run under the CICS default userid, not the userid of the signed‑on user. Code the USERID=name operand with the userid you want CA Top Secret to use for security checking for the trigger level transaction specified on the TRANSID operand as follows:
DFHDCT TYPE=INTRA,DESTFAC=FILE,TRIGLEV=n,TRANSID=yyyy,
USERID=acidname
See the IBM CICS Resource Definition Guide for details.
Note: Due to the automatic nature of DCT Signon, acidname must be able to sign on to the region, have permission to the DCT and the transaction yyyy, and have PASSWORD(NOPW,0).
If you want security checking done on your temporary storage queues, you must establish the temporary storage queue security attribute for each explicit or generic queue name you want to secure.
If you use TST tables to define your temporary storage queues, you must reassemble your TST table with the following entry:
DFHTST TYPE=SECURITY,DATAID=character-string
If you use a TSMODEL to define your temporary storage queue, you must specify the SECURITY attribute for each model you want to secure:
SECURITY(YES)
For more details, see the IBM CICS Resource Definition Guide.
|
Copyright © 2014 CA Technologies.
All rights reserved.
|
|